Merge pull request 'chore: add puppet k8s role' (#46) from benvin/puppet_secrets into master

Reviewed-on: #46
This commit was merged in pull request #46.
This commit is contained in:
2026-02-01 14:54:45 +11:00
5 changed files with 26 additions and 0 deletions
@@ -0,0 +1,6 @@
bound_service_account_names:
- default
bound_service_account_namespaces:
- puppet
token_ttl: 60
audience: vault
@@ -0,0 +1,9 @@
---
rules:
- path: "kv/data/service/puppet/puppetboard-secret-key"
capabilities:
- read
auth:
k8s/au/syd1:
- puppet
@@ -0,0 +1,9 @@
---
rules:
- path: "kv/data/service/puppet/puppetdb-postgresql-credentials"
capabilities:
- read
auth:
k8s/au/syd1:
- puppet
@@ -3,6 +3,7 @@ rules:
- apiGroups:
- ""
- "postgresql.cnpg.io"
- "poolers.postgresql.cnpg.io"
- "cert-manager.io"
- "rbac.authorization.k8s.io"
- "batch"
@@ -3,6 +3,7 @@ rules:
- apiGroups:
- ""
- "postgresql.cnpg.io"
- "poolers.postgresql.cnpg.io"
- "cert-manager.io"
- "rbac.authorization.k8s.io"
- "batch"