external-secrets: back to approle

cluster/core/external-secrets/external-secrets/vault-secret-store.yaml

@@ -13,18 +13,14 @@ spec:
         # VaultAppRole authenticates with Vault using the
         # App Role auth mechanism
         # https://www.vaultproject.io/docs/auth/approle
-        tokenSecretRef:
+        appRole:
-          name: "vault-secret-id"
+          # Path where the App Role authentication backend is mounted
-          namespace: "external-secrets"
+          path: "approle"
-          key: "token"
+          # RoleID configured in the App Role authentication backend
-        # appRole:
+          roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
-        #   # Path where the App Role authentication backend is mounted
+          # Reference to a key in a K8 Secret that contains the App Role SecretId
-        #   path: "approle"
+          # (not commited in git)
-        #   # RoleID configured in the App Role authentication backend
+          secretRef:
-        #   roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
+            name: "vault-secret-id"
-        #   # Reference to a key in a K8 Secret that contains the App Role SecretId
+            namespace: "external-secrets"
-        #   # (not commited in git)
+            key: "secret-id"
-        #   secretRef:
-        #     name: "vault-secret-id"
-        #     namespace: "external-secrets"
-        #     key: "secret-id"