feat: add vault/consul config for media terraform repos (#79)
ci/woodpecker/push/apply Pipeline was successful

Add Kubernetes auth roles, AppRole configs, Consul secret backend roles, Consul ACL policies, and Vault kv read policies for terraform-sonarr, terraform-radarr, and terraform-prowlarr.

Reviewed-on: #79
Co-authored-by: Ben Vincent <ben@unkin.net>
Co-committed-by: Ben Vincent <ben@unkin.net>
This commit was merged in pull request #79.
This commit is contained in:
2026-06-28 22:03:25 +10:00
committed by BenVincent
parent c33dcdc447
commit 36d7afbb65
18 changed files with 126 additions and 0 deletions
@@ -0,0 +1,11 @@
---
rules:
- path: "consul_root/au/syd1/creds/terraform-prowlarr"
capabilities:
- read
auth:
approle:
- terraform_prowlarr
k8s/au/syd1:
- woodpecker_terraform_prowlarr
@@ -0,0 +1,11 @@
---
rules:
- path: "consul_root/au/syd1/creds/terraform-radarr"
capabilities:
- read
auth:
approle:
- terraform_radarr
k8s/au/syd1:
- woodpecker_terraform_radarr
@@ -0,0 +1,11 @@
---
rules:
- path: "consul_root/au/syd1/creds/terraform-sonarr"
capabilities:
- read
auth:
approle:
- terraform_sonarr
k8s/au/syd1:
- woodpecker_terraform_sonarr
@@ -6,5 +6,8 @@ rules:
- read
auth:
approle:
- terraform_prowlarr
k8s/au/syd1:
- media-apps
- woodpecker_terraform_prowlarr
@@ -6,5 +6,8 @@ rules:
- read
auth:
approle:
- terraform_radarr
k8s/au/syd1:
- media-apps
- woodpecker_terraform_radarr
@@ -6,5 +6,8 @@ rules:
- read
auth:
approle:
- terraform_sonarr
k8s/au/syd1:
- media-apps
- woodpecker_terraform_sonarr