feat(vault): switch to Kubernetes service registration #171

Merged
unkinben merged 1 commits from benvin/vault-k8s-service-registration into main 2026-05-26 00:06:57 +10:00
Owner

Replaces Consul service registration with the native Kubernetes provider so Vault labels its own pods with active/standby/perf-standby status without requiring a Consul dependency.

Changes

  • values.yaml: swap service_registration "consul" for service_registration "kubernetes" {}, add VAULT_K8S_NAMESPACE and VAULT_K8S_POD_NAME env vars via downward API
  • role_k8s-service-registration.yaml: Role + RoleBinding granting the vault service account get/update/patch on pods
  • kustomization.yaml: include new RBAC file
Replaces Consul service registration with the native Kubernetes provider so Vault labels its own pods with active/standby/perf-standby status without requiring a Consul dependency. ## Changes - `values.yaml`: swap `service_registration "consul"` for `service_registration "kubernetes" {}`, add `VAULT_K8S_NAMESPACE` and `VAULT_K8S_POD_NAME` env vars via downward API - `role_k8s-service-registration.yaml`: Role + RoleBinding granting the `vault` service account `get`/`update`/`patch` on pods - `kustomization.yaml`: include new RBAC file
unkinben added 1 commit 2026-05-26 00:04:54 +10:00
feat(vault): switch to Kubernetes service registration
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
aef6698e2d
Replaces Consul service registration with the native Kubernetes
provider so Vault labels its own pods with active/standby status
without requiring a Consul dependency.
unkinben merged commit 3990fbfe06 into main 2026-05-26 00:06:57 +10:00
unkinben deleted branch benvin/vault-k8s-service-registration 2026-05-26 00:06:57 +10:00
Sign in to join this conversation.
No Reviewers
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: unkin/argocd-apps#171