29 lines
842 B
YAML
29 lines
842 B
YAML
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: vault-seed-grafana-oidc
|
|
namespace: dev-tools
|
|
spec:
|
|
template:
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
containers:
|
|
- name: seed
|
|
image: harbor.dvirlabs.com/dev-tools/vault:1.15.5-curl
|
|
command: ["/bin/sh", "-c"]
|
|
args:
|
|
- |
|
|
export VAULT_ADDR=http://vault.dev-tools.svc.cluster.local:8200
|
|
export VAULT_TOKEN=$(cat /vault/secrets/root-token)
|
|
vault kv put secret/grafana-oidc client_secret=6mfAtg8ZrioiCZMsbMi4dbZyJk205nRi
|
|
volumeMounts:
|
|
- name: vault-token
|
|
mountPath: /vault/secrets
|
|
readOnly: true
|
|
volumes:
|
|
- name: vault-token
|
|
secret:
|
|
secretName: vault-init
|
|
|
|
nodeSelector:
|
|
node-role.kubernetes.io/worker: "true" |