feat: add artifact-keeper

- converted the artifact-keeper helm-chart into kustomization manifests
- converted postgres to cnpg
- moved secrets to vault
This commit is contained in:
2026-04-19 11:27:42 +10:00
parent 7d555cd31a
commit 2254a39d77
24 changed files with 1500 additions and 0 deletions
@@ -0,0 +1,51 @@
---
apiVersion: secrets.hashicorp.com/v1beta1
kind: VaultStaticSecret
metadata:
name: postgres-credentials
namespace: artifact-keeper
spec:
destination:
create: true
name: postgres-credentials
overwrite: true
hmacSecretData: true
mount: kv
path: kubernetes/namespace/artifact-keeper/default/postgres-credentials
refreshAfter: 5m
type: kv-v2
vaultAuthRef: default
---
apiVersion: secrets.hashicorp.com/v1beta1
kind: VaultStaticSecret
metadata:
name: app-secrets
namespace: artifact-keeper
spec:
destination:
create: true
name: app-secrets
overwrite: true
hmacSecretData: true
mount: kv
path: kubernetes/namespace/artifact-keeper/default/app-secrets
refreshAfter: 5m
type: kv-v2
vaultAuthRef: default
---
apiVersion: secrets.hashicorp.com/v1beta1
kind: VaultStaticSecret
metadata:
name: s3-credentials
namespace: artifact-keeper
spec:
destination:
create: true
name: s3-credentials
overwrite: true
hmacSecretData: true
mount: kv
path: kubernetes/namespace/artifact-keeper/default/s3-credentials
refreshAfter: 5m
type: kv-v2
vaultAuthRef: default