48 lines
1.7 KiB
YAML
48 lines
1.7 KiB
YAML
# services/maintenance/secretproviderclass.yaml
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: maintenance-vault
|
|
namespace: maintenance
|
|
spec:
|
|
provider: vault
|
|
parameters:
|
|
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
|
|
roleName: "maintenance"
|
|
objects: |
|
|
- objectName: "harbor-pull__dockerconfigjson"
|
|
secretPath: "kv/data/atlas/shared/harbor-pull"
|
|
secretKey: "dockerconfigjson"
|
|
- objectName: "harbor-core__harbor_admin_password"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "harbor_admin_password"
|
|
- objectName: "metis-ssh-keys__bastion_pub"
|
|
secretPath: "kv/data/atlas/maintenance/metis-ssh-keys"
|
|
secretKey: "bastion_pub"
|
|
- objectName: "metis-ssh-keys__brad_pub"
|
|
secretPath: "kv/data/atlas/maintenance/metis-ssh-keys"
|
|
secretKey: "brad_pub"
|
|
- objectName: "metis-ssh-keys__hecate_tethys_pub"
|
|
secretPath: "kv/data/atlas/maintenance/metis-ssh-keys"
|
|
secretKey: "hecate_tethys_pub"
|
|
secretObjects:
|
|
- secretName: harbor-regcred
|
|
type: kubernetes.io/dockerconfigjson
|
|
data:
|
|
- objectName: harbor-pull__dockerconfigjson
|
|
key: .dockerconfigjson
|
|
- secretName: metis-harbor
|
|
type: Opaque
|
|
data:
|
|
- objectName: harbor-core__harbor_admin_password
|
|
key: METIS_HARBOR_PASSWORD
|
|
- secretName: metis-ssh-keys
|
|
type: Opaque
|
|
data:
|
|
- objectName: metis-ssh-keys__bastion_pub
|
|
key: bastion_pub
|
|
- objectName: metis-ssh-keys__brad_pub
|
|
key: brad_pub
|
|
- objectName: metis-ssh-keys__hecate_tethys_pub
|
|
key: hecate_tethys_pub
|