K3S-HOME/security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b523935f3b2b0169c0ff6caac838edc715ea8772
security/vault/external-secret.yaml
Mayne0213 207351a932 FEAT(postgresql): configure vault 
- to use externalsecret for postgresq...
- Add ExternalSecret to pull vault config from Vault itself
- Add RBAC for vault token reviewer (kubernetes auth)
- Update helm-values to mount secret as config
- Connection string is now stored in Vault, not in git
2026-01-04 23:41:39 +09:00

19 lines
425 B
YAML
Raw Blame History

apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: vault-config
namespace: vault
spec:
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
name: vault-config-secret
creationPolicy: Owner
data:
- secretKey: extraconfig-from-values.hcl
remoteRef:
key: secret/data/vault/config
property: extraconfig-from-values.hcl
Reference in New Issue View Git Blame Copy Permalink