move renovate gitea token to vault
This commit is contained in:
38
apps/renovate/secret.yaml
Normal file
38
apps/renovate/secret.yaml
Normal file
@@ -0,0 +1,38 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: renovate
|
||||
namespace: renovate
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultAuth
|
||||
metadata:
|
||||
name: renovate
|
||||
namespace: renovate
|
||||
spec:
|
||||
method: kubernetes
|
||||
mount: kubernetes
|
||||
kubernetes:
|
||||
role: renovate
|
||||
serviceAccount: renovate
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: renovate-gitea-token
|
||||
namespace: renovate
|
||||
spec:
|
||||
type: kv-v2
|
||||
|
||||
mount: secret
|
||||
path: renovate
|
||||
|
||||
destination:
|
||||
create: true
|
||||
name: renovate-gitea-token
|
||||
type: Opaque
|
||||
transformation:
|
||||
excludeRaw: true
|
||||
|
||||
vaultAuthRef: renovate
|
||||
Reference in New Issue
Block a user