Merge pull request 'feat: add identity secrets' (#52 ) from benvin/identity into master

Reviewed-on: #52
feat: add identity secrets
2026-02-15 13:02:01 +11:00 · 2026-02-15 13:01:06 +11:00
2 changed files with 16 additions and 0 deletions
--- a/config/auth_kubernetes_role/k8s/au/syd1/identity.yaml
+++ b/config/auth_kubernetes_role/k8s/au/syd1/identity.yaml
@ -0,0 +1,6 @@
+bound_service_account_names:
+  - default
+bound_service_account_namespaces:
+  - identity
+token_ttl: 60
+audience: vault
--- a/policies/kv/service/openldap/ldap_admin_password/read.yaml
+++ b/policies/kv/service/openldap/ldap_admin_password/read.yaml
@ -0,0 +1,10 @@
+# Allow reading Radarr configuration
+---
+rules:
+  - path: "kv/data/service/openldap/ldap_admin_password"
+    capabilities:
+      - read
+
+auth:
+  k8s/au/syd1:
+    - identity
Author	SHA1	Message	Date
Ben Vincent	4b176846f2	Merge pull request 'feat: add identity secrets' (#52 ) from benvin/identity into master Reviewed-on: #52	2026-02-15 13:02:01 +11:00
Ben Vincent	90b765d713	feat: add identity secrets - add kubernetes auth role for identity namespace - add policy to access openldap bootstrap credentials	2026-02-15 13:01:06 +11:00