external-secrets: add vault store
This commit is contained in:
parent
8bbbecd7e5
commit
888b33fa77
|
@ -3,3 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||
kind: Kustomization
|
||||
resources:
|
||||
- helm-release.yaml
|
||||
- vault-secret-store
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
apiVersion: external-secrets.io/v1alpha1
|
||||
kind: ClusterSecretStore
|
||||
metadata:
|
||||
name: vault
|
||||
namespace: external-secrets
|
||||
spec:
|
||||
provider:
|
||||
vault:
|
||||
server: "http://10.42.42.6:8200"
|
||||
path: "k8s"
|
||||
version: "v2"
|
||||
auth:
|
||||
# VaultAppRole authenticates with Vault using the
|
||||
# App Role auth mechanism
|
||||
# https://www.vaultproject.io/docs/auth/approle
|
||||
appRole:
|
||||
# Path where the App Role authentication backend is mounted
|
||||
path: "approle"
|
||||
# RoleID configured in the App Role authentication backend
|
||||
roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
|
||||
# Reference to a key in a K8 Secret that contains the App Role SecretId
|
||||
# (not commited in git)
|
||||
secretRef:
|
||||
name: "vault-secret-id"
|
||||
namespace: "external-secrets"
|
||||
key: "secret-id"
|
Loading…
Reference in a new issue