Files
argocd-apps/apps/base/argocd-image-updater/vaultauth.yaml
T
unkinben f03eb6f651 feat: deploy argocd-image-updater via Helm
Deploys ArgoCD Image Updater into the argocd-image-updater namespace.
Vault-managed secrets provide registry credentials for git.unkin.net
and an ArgoCD API token.

Prerequisites before syncing:
- Create Vault role argocd-image-updater in k8s/au/syd1
- Populate kv/service/argocd-image-updater/registry-creds (key: creds, value: <user>:<token>)
- Create ArgoCD local user image-updater and store token at kv/service/argocd-image-updater/argocd-token
2026-05-10 22:53:06 +10:00

19 lines
406 B
YAML

---
apiVersion: secrets.hashicorp.com/v1beta1
kind: VaultAuth
metadata:
name: default
namespace: argocd-image-updater
spec:
allowedNamespaces:
- argocd-image-updater
kubernetes:
audiences:
- vault
role: argocd-image-updater
serviceAccount: argocd-image-updater
tokenExpirationSeconds: 600
method: kubernetes
mount: k8s/au/syd1
vaultConnectionRef: vso-system/default