diff --git a/apps/base/artifactapi/cnpg_cluster.yaml b/apps/base/artifactapi/cnpg_cluster.yaml index 91a4487..9404b7c 100644 --- a/apps/base/artifactapi/cnpg_cluster.yaml +++ b/apps/base/artifactapi/cnpg_cluster.yaml @@ -15,7 +15,7 @@ spec: localeCollate: C owner: artifacts secret: - name: postgres-password + name: postgres-credentials enablePDB: true enableSuperuserAccess: false failoverDelay: 0 diff --git a/apps/base/artifactapi/vaultstaticsecret.yaml b/apps/base/artifactapi/vaultstaticsecret.yaml index 68c1af5..b47f783 100644 --- a/apps/base/artifactapi/vaultstaticsecret.yaml +++ b/apps/base/artifactapi/vaultstaticsecret.yaml @@ -32,3 +32,20 @@ spec: refreshAfter: 5m type: kv-v2 vaultAuthRef: default +--- +apiVersion: secrets.hashicorp.com/v1beta1 +kind: VaultStaticSecret +metadata: + name: postgres-credentials + namespace: puppet +spec: + destination: + create: true + name: postgres-credentials + overwrite: true + hmacSecretData: true + mount: kv + path: service/artifactapi/postgres-credentials + refreshAfter: 5m + type: kv-v2 + vaultAuthRef: default