44 lines
792 B
YAML
44 lines
792 B
YAML
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: kaneo-secret
|
|
namespace: kaneo
|
|
---
|
|
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultAuth
|
|
metadata:
|
|
name: kaneo
|
|
namespace: kaneo
|
|
spec:
|
|
method: kubernetes
|
|
mount: kubernetes
|
|
kubernetes:
|
|
role: kaneo
|
|
serviceAccount: kaneo-secret
|
|
---
|
|
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultStaticSecret
|
|
metadata:
|
|
name: kaneo-authentik
|
|
namespace: kaneo
|
|
spec:
|
|
type: kv-v2
|
|
|
|
mount: secret
|
|
path: authentik/kaneo
|
|
|
|
destination:
|
|
create: true
|
|
name: kaneo-authentik
|
|
type: Opaque
|
|
transformation:
|
|
excludeRaw: true
|
|
templates:
|
|
client_id:
|
|
text: '{{ get .Secrets "client_id" }}'
|
|
client_secret:
|
|
text: '{{ get .Secrets "client_secret" }}'
|
|
|
|
vaultAuthRef: kaneo
|