31 lines
1.1 KiB
YAML
31 lines
1.1 KiB
YAML
# services/gitea/secretproviderclass.yaml
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: gitea-vault
|
|
namespace: gitea
|
|
spec:
|
|
provider: vault
|
|
parameters:
|
|
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
|
|
roleName: "gitea"
|
|
objects: |
|
|
- objectName: "gitea-db-secret__password"
|
|
secretPath: "kv/data/atlas/gitea/gitea-db-secret"
|
|
secretKey: "password"
|
|
- objectName: "gitea-secret__SECRET_KEY"
|
|
secretPath: "kv/data/atlas/gitea/gitea-secret"
|
|
secretKey: "SECRET_KEY"
|
|
- objectName: "gitea-secret__INTERNAL_TOKEN"
|
|
secretPath: "kv/data/atlas/gitea/gitea-secret"
|
|
secretKey: "INTERNAL_TOKEN"
|
|
- objectName: "gitea-oidc__client_id"
|
|
secretPath: "kv/data/atlas/gitea/gitea-oidc"
|
|
secretKey: "client_id"
|
|
- objectName: "gitea-oidc__client_secret"
|
|
secretPath: "kv/data/atlas/gitea/gitea-oidc"
|
|
secretKey: "client_secret"
|
|
- objectName: "gitea-oidc__openid_auto_discovery_url"
|
|
secretPath: "kv/data/atlas/gitea/gitea-oidc"
|
|
secretKey: "openid_auto_discovery_url"
|