Browse Source

external-secrets: change back to approle and remove prefix

main
Victor Roest 1 year ago
parent
commit
e22c22a58a
Signed by: 0x76 GPG Key ID: A3923C699D1A3BDA
  1. 8
      cluster/apps/presidential-paradise/zookeeper/external-secret.yaml
  2. 30
      cluster/core/external-secrets/external-secrets/vault-secret-store.yaml

8
cluster/apps/presidential-paradise/zookeeper/external-secret.yaml

@ -13,17 +13,17 @@ spec:
data:
- secretKey: DISCORD_APP_ID
remoteRef:
key: k8s/presidential-paradise/zookeeper
key: presidential-paradise/zookeeper
property: discord_app_id
- secretKey: DISCORD_PUBLIC_KEY
remoteRef:
key: k8s/presidential-paradise/zookeeper
key: presidential-paradise/zookeeper
property: discord_public_key
- secretKey: DISCORD_TOKEN
remoteRef:
key: k8s/presidential-paradise/zookeeper
key: presidential-paradise/zookeeper
property: discord_token
- secretKey: TWITTER_TOKEN
remoteRef:
key: k8s/presidential-paradise/zookeeper
key: presidential-paradise/zookeeper
property: twitter_token

30
cluster/core/external-secrets/external-secrets/vault-secret-store.yaml

@ -13,18 +13,18 @@ spec:
# VaultAppRole authenticates with Vault using the
# App Role auth mechanism
# https://www.vaultproject.io/docs/auth/approle
tokenSecretRef:
name: "vault-secret-id"
namespace: "external-secrets"
key: "token"
# appRole:
# # Path where the App Role authentication backend is mounted
# path: "approle"
# # RoleID configured in the App Role authentication backend
# roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
# # Reference to a key in a K8 Secret that contains the App Role SecretId
# # (not commited in git)
# secretRef:
# name: "vault-secret-id"
# namespace: "external-secrets"
# key: "secret-id"
# tokenSecretRef:
# name: "vault-secret-id"
# namespace: "external-secrets"
# key: "token"
appRole:
# Path where the App Role authentication backend is mounted
path: "approle"
# RoleID configured in the App Role authentication backend
roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
# Reference to a key in a K8 Secret that contains the App Role SecretId
# (not commited in git)
secretRef:
name: "vault-secret-id"
namespace: "external-secrets"
key: "secret-id"