fix: skip_child_token on vault provider
The CI VAULT_TOKEN (short-lived k8s-auth role token) can't create child tokens, so the vault provider failed with 'failed to create limited child token: permission denied'. Use the token directly.
This commit is contained in:
@@ -8,8 +8,11 @@ provider "authentik" {
|
||||
}
|
||||
|
||||
# Reads client secrets seeded in Vault (kv-v2). Auth via VAULT_ADDR + VAULT_TOKEN
|
||||
# from the environment (set by the Makefile vault_env helper).
|
||||
provider "vault" {}
|
||||
# from the environment (set by the Makefile vault_env helper). skip_child_token
|
||||
# is required because the short-lived CI token cannot create child tokens.
|
||||
provider "vault" {
|
||||
skip_child_token = true
|
||||
}
|
||||
|
||||
variable "authentik_token" {
|
||||
type = string
|
||||
|
||||
Reference in New Issue
Block a user