f0bdc0231a
Migrate Vault Secrets Operator from Terragrunt to ArgoCD/Kustomize. Deploys vault-secrets-operator v1.2.0 with 3 replicas, plus ClusterRole, ClusterRoleBindings, and vault-admin ServiceAccount. Note: static service account tokens (kubernetes.io/service-account-token) cannot be stored in git; create manually or via Vault after deployment. 💘 Generated with Crush Assisted-by: Claude Sonnet 4.6 via Crush <crush@charm.land> Reviewed-on: #81
29 lines
539 B
YAML
29 lines
539 B
YAML
defaultVaultConnection:
|
|
enabled: true
|
|
address: "https://vault.service.consul:8200"
|
|
skipTLSVerify: false
|
|
caCertSecret: "vault-ca-cert"
|
|
|
|
defaultAuthMethod:
|
|
enabled: true
|
|
method: "kubernetes"
|
|
mount: "k8s/au/syd1"
|
|
namespace: ""
|
|
kubernetes:
|
|
role: "default"
|
|
serviceAccount: "vault-secrets-operator-controller-manager"
|
|
tokenAudiences: ["vault"]
|
|
|
|
controller:
|
|
replicas: 3
|
|
resources:
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 128Mi
|
|
|
|
globalVaultAuth:
|
|
enabled: true
|