fix: skip_child_token on vault provider
The CI VAULT_TOKEN (short-lived k8s-auth role token) can't create child tokens, so the vault provider failed with 'failed to create limited child token: permission denied'. Use the token directly.
This commit is contained in:
@@ -8,8 +8,11 @@ provider "authentik" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# Reads client secrets seeded in Vault (kv-v2). Auth via VAULT_ADDR + VAULT_TOKEN
|
# Reads client secrets seeded in Vault (kv-v2). Auth via VAULT_ADDR + VAULT_TOKEN
|
||||||
# from the environment (set by the Makefile vault_env helper).
|
# from the environment (set by the Makefile vault_env helper). skip_child_token
|
||||||
provider "vault" {}
|
# is required because the short-lived CI token cannot create child tokens.
|
||||||
|
provider "vault" {
|
||||||
|
skip_child_token = true
|
||||||
|
}
|
||||||
|
|
||||||
variable "authentik_token" {
|
variable "authentik_token" {
|
||||||
type = string
|
type = string
|
||||||
|
|||||||
Reference in New Issue
Block a user