|
@@ -65,7 +65,6 @@ spec:
|
|
|
# static token: https://www.vaultproject.io/docs/auth/token
|
|
# static token: https://www.vaultproject.io/docs/auth/token
|
|
|
tokenSecretRef:
|
|
tokenSecretRef:
|
|
|
name: "my-secret"
|
|
name: "my-secret"
|
|
|
- namespace: "secret-admin"
|
|
|
|
|
key: "vault-token"
|
|
key: "vault-token"
|
|
|
|
|
|
|
|
# AppRole auth: https://www.vaultproject.io/docs/auth/approle
|
|
# AppRole auth: https://www.vaultproject.io/docs/auth/approle
|
|
@@ -74,7 +73,6 @@ spec:
|
|
|
roleId: "db02de05-fa39-4855-059b-67221c5c2f63"
|
|
roleId: "db02de05-fa39-4855-059b-67221c5c2f63"
|
|
|
secretRef:
|
|
secretRef:
|
|
|
name: "my-secret"
|
|
name: "my-secret"
|
|
|
- namespace: "secret-admin"
|
|
|
|
|
key: "vault-token"
|
|
key: "vault-token"
|
|
|
|
|
|
|
|
# Kubernetes auth: https://www.vaultproject.io/docs/auth/kubernetes
|
|
# Kubernetes auth: https://www.vaultproject.io/docs/auth/kubernetes
|
|
@@ -84,12 +82,10 @@ spec:
|
|
|
# Optional service account reference
|
|
# Optional service account reference
|
|
|
serviceAccountRef:
|
|
serviceAccountRef:
|
|
|
name: "my-sa"
|
|
name: "my-sa"
|
|
|
- namespace: "secret-admin"
|
|
|
|
|
# Optional secret field containing a Kubernetes ServiceAccount JWT
|
|
# Optional secret field containing a Kubernetes ServiceAccount JWT
|
|
|
# used for authenticating with Vault
|
|
# used for authenticating with Vault
|
|
|
secretRef:
|
|
secretRef:
|
|
|
name: "my-secret"
|
|
name: "my-secret"
|
|
|
- namespace: "secret-admin"
|
|
|
|
|
key: "vault"
|
|
key: "vault"
|
|
|
|
|
|
|
|
# (2): GCP Secret Manager
|
|
# (2): GCP Secret Manager
|
Gustavo Carvalho