b6f8cb0633
- ensure kanidm is restarted with vault secrets Reviewed-on: #180
24 lines
504 B
YAML
24 lines
504 B
YAML
---
|
|
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultStaticSecret
|
|
metadata:
|
|
name: repl-certs
|
|
namespace: kanidm
|
|
labels:
|
|
app.kubernetes.io/name: kanidm
|
|
app.kubernetes.io/instance: kanidm
|
|
spec:
|
|
vaultAuthRef: default
|
|
mount: kv
|
|
type: kv-v2
|
|
path: kubernetes/namespace/kanidm/default/repl-certs
|
|
refreshAfter: 5m
|
|
destination:
|
|
name: kanidm-repl-certs
|
|
create: true
|
|
overwrite: true
|
|
hmacSecretData: true
|
|
rolloutRestartTargets:
|
|
- kind: StatefulSet
|
|
name: kanidm
|