unkin/terraform-vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'feat: add woodpecker secrets' (#57) from benvin/woodpecker into master

Browse Source 
Reviewed-on: #57
This commit is contained in:
Ben Vincent 2026-02-22 22:27:50 +11:00
commit c94b2af196
4 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/auth_kubernetes_role/k8s/au/syd1/woodpecker.yaml Normal file
View File

@ -0,0 +1,6 @@
bound_service_account_names:
- default
bound_service_account_namespaces:
- woodpecker
token_ttl: 600
audience: vault

10
policies/kv/service/woodpecker/woodpecker-database-config/read.yaml Normal file
View File

@ -0,0 +1,10 @@
# Allow reading woodpecker/database integration details
---
rules:
- path: "kv/data/service/woodpecker/woodpecker-database-config"
capabilities:
- read
auth:
k8s/au/syd1:
- woodpecker

10
policies/kv/service/woodpecker/woodpecker-gitea/read.yaml Normal file
View File

@ -0,0 +1,10 @@
# Allow reading woodpecker/gitea integration details
---
rules:
- path: "kv/data/service/woodpecker/woodpecker-gitea"
capabilities:
- read
auth:
k8s/au/syd1:
- woodpecker

10
policies/kv/service/woodpecker/woodpecker-postgres-credentials/read.yaml Normal file
View File

@ -0,0 +1,10 @@
# Allow reading woodpecker/postgres integration details
---
rules:
- path: "kv/data/service/woodpecker/woodpecker-postgres-credentials"
capabilities:
- read
auth:
k8s/au/syd1:
- woodpecker