dvirlabs/dev-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix resources

Browse Source
This commit is contained in:
dvirlabs 2025-10-01 12:34:57 +03:00
parent 1e9dbc2922
commit 2a78e851ba
6 changed files with 14 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
manifests/cluster-secret-store/internal-users/bootstrap-job.yaml
View File

@ -74,23 +74,3 @@ spec:
bound_audiences="https://kubernetes.default.svc" \ bound_audiences="https://kubernetes.default.svc" \
policies="eso-internal-users-read" \ policies="eso-internal-users-read" \
ttl=1h ttl=1h
---
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: vault-internal-users
annotations:
argocd.argoproj.io/sync-wave: "0"
spec:
provider:
vault:
server: "http://vault.dev-tools.svc.cluster.local:8200"
path: "internal-users"
version: "v2"
auth:
kubernetes:
mountPath: "kubernetes"
role: "eso-internal-users"
serviceAccountRef:
name: "external-secrets"
namespace: "dev-tools"

8
manifests/cluster-secret-store/internal-users/clustersecretstore.yaml
View File

@ -3,7 +3,7 @@ kind: ClusterSecretStore
metadata: metadata:
name: vault-internal-users name: vault-internal-users
annotations: annotations:
argocd.argoproj.io/sync-wave: "2" argocd.argoproj.io/sync-wave: "0"
spec: spec:
provider: provider:
vault: vault:
@ -12,8 +12,8 @@ spec:
version: "v2" version: "v2"
auth: auth:
kubernetes: kubernetes:
mountPath: "auth/kubernetes" mountPath: "kubernetes"
role: "eso-internal-users" role: "eso-internal-users"
serviceAccountRef: serviceAccountRef:
name: external-secrets name: "external-secrets"
namespace: dev-tools namespace: "dev-tools"

22
manifests/cluster-secret-store/oidc/bootstrap-job.yaml
View File

@ -73,24 +73,4 @@ spec:
bound_service_account_namespaces="dev-tools" \ bound_service_account_namespaces="dev-tools" \
bound_audiences="https://kubernetes.default.svc" \ bound_audiences="https://kubernetes.default.svc" \
policies="eso-oidc-read" \ policies="eso-oidc-read" \
ttl=1h ttl=1h
---
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: vault-oidc-secrets
annotations:
argocd.argoproj.io/sync-wave: "0"
spec:
provider:
vault:
server: "http://vault.dev-tools.svc.cluster.local:8200"
path: "oidc-secrets"
version: "v2"
auth:
kubernetes:
mountPath: "kubernetes"
role: "eso-oidc"
serviceAccountRef:
name: "external-secrets"
namespace: "dev-tools"

8
manifests/cluster-secret-store/oidc/clustersecretstore.yaml
View File

@ -3,7 +3,7 @@ kind: ClusterSecretStore
metadata: metadata:
name: vault-oidc-secrets name: vault-oidc-secrets
annotations: annotations:
argocd.argoproj.io/sync-wave: "2" argocd.argoproj.io/sync-wave: "0"
spec: spec:
provider: provider:
vault: vault:
@ -12,8 +12,8 @@ spec:
version: "v2" version: "v2"
auth: auth:
kubernetes: kubernetes:
mountPath: "auth/kubernetes" mountPath: "kubernetes"
role: "eso-oidc" role: "eso-oidc"
serviceAccountRef: serviceAccountRef:
name: external-secrets name: "external-secrets"
namespace: dev-tools namespace: "dev-tools"

21
manifests/cluster-secret-store/vault-general-secrets/bootstrap-job.yaml
View File

@ -74,23 +74,4 @@ spec:
bound_audiences="https://kubernetes.default.svc" \ bound_audiences="https://kubernetes.default.svc" \
policies="eso-general-read" \ policies="eso-general-read" \
ttl=1h ttl=1h
---
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: vault-general-secrets
annotations:
argocd.argoproj.io/sync-wave: "0"
spec:
provider:
vault:
server: "http://vault.dev-tools.svc.cluster.local:8200"
path: "general-secrets"
version: "v2"
auth:
kubernetes:
mountPath: "kubernetes"
role: "eso-general"
serviceAccountRef:
name: "external-secrets"
namespace: "dev-tools"

8
manifests/cluster-secret-store/vault-general-secrets/clustersecretstore.yaml
View File

@ -3,7 +3,7 @@ kind: ClusterSecretStore
metadata: metadata:
name: vault-general-secrets name: vault-general-secrets
annotations: annotations:
argocd.argoproj.io/sync-wave: "2" argocd.argoproj.io/sync-wave: "0"
spec: spec:
provider: provider:
vault: vault:
@ -12,8 +12,8 @@ spec:
version: "v2" version: "v2"
auth: auth:
kubernetes: kubernetes:
mountPath: "auth/kubernetes" mountPath: "kubernetes"
role: "eso-general" role: "eso-general"
serviceAccountRef: serviceAccountRef:
name: external-secrets name: "external-secrets"
namespace: dev-tools namespace: "dev-tools"