Add Vault access for forgebot service
K8s auth role binding for forgebot namespace (default + forgebot-operator service accounts) and KV read policies for environment config, LiteLLM API key, Gitea token, PostgreSQL credentials, and webhook secret.
This commit is contained in:
@@ -0,0 +1,8 @@
|
||||
bound_service_account_names:
|
||||
- default
|
||||
- forgebot-operator
|
||||
bound_service_account_namespaces:
|
||||
- forgebot
|
||||
token_ttl: 600
|
||||
token_max_ttl: 600
|
||||
audience: vault
|
||||
Reference in New Issue
Block a user