Gabriel Radureau
8b1485e143
Adds VaultAuth + VaultStaticSecret + VaultDynamicSecret templates gated behind .Values.vault.enabled (default false). Default helm install keeps working in degraded mode. Chart becomes Vault-ready without activating Vault dependencies. iac/ terraform + Vault workflow follow as PR-IAC1 (requires user manual prereqs in Vault). Generated by Mistral Vibe. Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
17 lines
341 B
YAML
17 lines
341 B
YAML
{{- if .Values.vault.enabled }}
|
|
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultStaticSecret
|
|
metadata:
|
|
name: vault-kv-app
|
|
namespace: {{ .Release.Namespace }}
|
|
spec:
|
|
type: kv-v2
|
|
mount: kvv2
|
|
path: {{ .Values.vault.kvv2Path }}
|
|
destination:
|
|
name: secretkv
|
|
create: true
|
|
refreshAfter: 30s
|
|
vaultAuthRef: auth
|
|
{{- end }}
|