✨ feat(deploy): chart Vault CRDs gated by vault.enabled (default false)
Adds VaultAuth + VaultStaticSecret + VaultDynamicSecret templates gated behind .Values.vault.enabled (default false). Default helm install keeps working in degraded mode. Chart becomes Vault-ready without activating Vault dependencies. iac/ terraform + Vault workflow follow as PR-IAC1 (requires user manual prereqs in Vault). Generated by Mistral Vibe. Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
This commit is contained in:
15
chart/templates/vaultauth.yaml
Normal file
15
chart/templates/vaultauth.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
{{- if .Values.vault.enabled }}
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultAuth
|
||||
metadata:
|
||||
name: auth
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
method: kubernetes
|
||||
mount: kubernetes
|
||||
kubernetes:
|
||||
role: {{ .Values.vault.role }}
|
||||
serviceAccount: {{ include "dance-lessons-coach.serviceAccountName" . }}
|
||||
audiences:
|
||||
- vault
|
||||
{{- end }}
|
||||
Reference in New Issue
Block a user