From c5dd3cc5cba7bc6e124513e9e7218e68897dba33 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Thu, 21 May 2026 23:13:48 +1000 Subject: [PATCH] feat: add terraform_vault role (#127) this adds a service account that can be used to run the terraform_vault workflows with, so that we can access the jwt to generate a token Reviewed-on: https://git.unkin.net/unkin/argocd-apps/pulls/127 --- apps/base/woodpecker/kustomization.yaml | 1 + apps/base/woodpecker/serviceaccount_terraform_vault.yaml | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 apps/base/woodpecker/serviceaccount_terraform_vault.yaml diff --git a/apps/base/woodpecker/kustomization.yaml b/apps/base/woodpecker/kustomization.yaml index be1bb41..8fd53fe 100644 --- a/apps/base/woodpecker/kustomization.yaml +++ b/apps/base/woodpecker/kustomization.yaml @@ -6,5 +6,6 @@ resources: - namespace.yaml - cnpg_cluster.yaml - cnpg_pooler.yaml + - serviceaccount_terraform_vault.yaml - vaultauth.yaml - vaultstaticsecret.yaml diff --git a/apps/base/woodpecker/serviceaccount_terraform_vault.yaml b/apps/base/woodpecker/serviceaccount_terraform_vault.yaml new file mode 100644 index 0000000..5d29fc9 --- /dev/null +++ b/apps/base/woodpecker/serviceaccount_terraform_vault.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: terraform_vault + namespace: woodpecker