2026-01-22 20:53:53 +01:00
parent cb8b05ddc1
commit 74de187ee7
8 changed files with 319 additions and 0 deletions


@@ -0,0 +1,40 @@
{{- if .Values.externalSecret.enabled }}
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: {{ .Values.externalSecret.vault.secretStoreName | default "vault-backend" }}
labels:
app.kubernetes.io/name: cert-manager-webhook-ovh
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
provider:
vault:
server: {{ .Values.externalSecret.vault.server }}
path: {{ .Values.externalSecret.vault.path | default "secret" }}
version: {{ .Values.externalSecret.vault.version | default "v2" }}
auth:
{{- if .Values.externalSecret.vault.auth.kubernetes }}
kubernetes:
mountPath: {{ .Values.externalSecret.vault.auth.kubernetes.mountPath | default "kubernetes" }}
role: {{ .Values.externalSecret.vault.auth.kubernetes.role }}
{{- if .Values.externalSecret.vault.auth.kubernetes.serviceAccountRef }}
serviceAccountRef:
name: {{ .Values.externalSecret.vault.auth.kubernetes.serviceAccountRef.name }}
{{- if .Values.externalSecret.vault.auth.kubernetes.serviceAccountRef.namespace }}
namespace: {{ .Values.externalSecret.vault.auth.kubernetes.serviceAccountRef.namespace }}
{{- end }}
{{- end }}
{{- else if .Values.externalSecret.vault.auth.token }}
tokenSecretRef:
name: {{ .Values.externalSecret.vault.auth.token.secretName }}
key: {{ .Values.externalSecret.vault.auth.token.secretKey | default "token" }}
{{- else if .Values.externalSecret.vault.auth.appRole }}
appRole:
path: {{ .Values.externalSecret.vault.auth.appRole.path | default "approle" }}
roleId: {{ .Values.externalSecret.vault.auth.appRole.roleId }}
secretRef:
name: {{ .Values.externalSecret.vault.auth.appRole.secretRef.name }}
key: {{ .Values.externalSecret.vault.auth.appRole.secretRef.key | default "secretId" }}
{{- end }}
{{- end }}
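Review bot: The rendered `ClusterSecretStore` is cluster-scoped and its `spec` carries no `conditions`, so an ExternalSecret in any namespace can reference this store and read whatever the configured Vault role, token or AppRole may read under `path`. For a chart that only serves cert-manager-webhook-ovh, render a namespaced `SecretStore` instead, or add a `conditions:` entry under `spec` whose `namespaces:` list contains only `{{ .Release.Namespace }}`. The `tokenSecretRef` and appRole `secretRef` blocks emit no `namespace` at all, and `serviceAccountRef.namespace` is optional; on a cluster-scoped store this leaves the credential lookup namespace to the controller (depending on the External Secrets version it may resolve against the referencing ExternalSecret's namespace or reject the store), so pin it with `namespace: {{ .Release.Namespace }}` or a required value. Also, `server` and `role` are emitted unquoted with no `required` guard, and if none of the three auth values is set `auth:` renders empty; a `{{- else }}` branch calling `fail` would surface that at template time rather than at reconcile time.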