feat: add vault and consul roles for terraform-git (#73)
ci/woodpecker/push/apply Pipeline was successful
ci/woodpecker/push/apply Pipeline was successful
## Summary - Add K8s auth role woodpecker_terraform_git for CI pipeline authentication - Add consul secret backend role terraform-git for consul state storage tokens - Add consul ACL policy granting write access to infra/terraform/git/ key prefix - Add vault policy for reading consul creds at consul_root/au/syd1/creds/terraform-git ## Test plan - [ ] Verify terragrunt plan succeeds - [ ] Verify consul ACL policy is created correctly - [ ] Verify K8s auth role can authenticate from woodpecker namespace Reviewed-on: #73 Co-authored-by: Ben Vincent <ben@unkin.net> Co-committed-by: Ben Vincent <ben@unkin.net>
This commit was merged in pull request #73.
This commit is contained in:
@@ -0,0 +1,9 @@
|
||||
---
|
||||
rules:
|
||||
- path: "consul_root/au/syd1/creds/terraform-git"
|
||||
capabilities:
|
||||
- read
|
||||
|
||||
auth:
|
||||
k8s/au/syd1:
|
||||
- woodpecker_terraform_git
|
||||
Reference in New Issue
Block a user