Commit Graph

  • 36d7afbb65 feat: add vault/consul config for media terraform repos (#79) master unkinben 2026-06-28 22:03:25 +10:00
  • c33dcdc447 Add auth and state access for terraform-authentik (#78) unkinben 2026-06-28 01:17:51 +10:00
  • be9bd96cf3 feat: enable consul state store for artifactapi (#77) benvin 2026-06-17 21:42:25 +10:00
  • 65f844cbe1 Fix: add policy binding for forgebot K8s auth role feature/forgebot-vault-access unkinben 2026-06-08 23:00:22 +10:00
  • b9632f39e4 Merge branch 'master' into feature/forgebot-vault-access benvin 2026-06-08 22:57:54 +10:00
  • bb5f6922fa feat: add vault policy for terraform-git webhook secrets (#75) unkinben 2026-06-08 22:56:30 +10:00
  • f5803605d6 Simplify: use default templated policy for forgebot KV access unkinben 2026-06-08 22:54:58 +10:00
  • 2c4d0d7f64 Add Vault access for forgebot service unkinben 2026-06-08 22:53:25 +10:00
  • a29ff9fe6a fix: use gitadmin woodpecker token path unkinben 2026-06-08 19:08:12 +10:00
  • 12680f93cd feat: replace webhook secrets policy with woodpecker token policy unkinben 2026-06-08 16:17:00 +10:00
  • 132e5ea4d9 feat: add vault policy for terraform-git webhook secrets unkinben 2026-06-08 16:11:58 +10:00
  • 346cf9fa43 feat: manage gitadmin token (#74) benvin 2026-06-08 15:17:58 +10:00
  • 1288057b81 feat: add vault and consul roles for terraform-git (#73) unkinben 2026-06-07 20:36:35 +10:00
  • 3876fa818d chore: bump almalinux9 image tags (#72) unkinben 2026-06-07 00:35:30 +10:00
  • a548bf1cb1 fix: apply requires plan (#71) unkinben 2026-05-22 00:03:08 +10:00
  • 93ba86baf3 feat: add apply workflow (#70) unkinben 2026-05-21 23:57:25 +10:00
  • 098830c10b Merge pull request 'feat: add plan workflow' (#69) from benvin/make-plan-buildwq into master unkinben 2026-05-21 23:54:07 +10:00
  • 9cbac6d3ef feat: add plan workflow unkinben 2026-05-21 23:20:07 +10:00
  • 73aaaaeb99 Merge pull request 'chore: enable access to gateway.networking.k8s.io' (#68) from benvin/gatewayapi into master unkinben 2026-05-21 22:42:28 +10:00
  • 7c60a5fd53 chore: enable access to gateway.networking.k8s.io unkinben 2026-05-21 22:39:57 +10:00
  • 27f12f183e Merge pull request 'chore: change to specific ci image' (#67) from benvin/ci_image into master unkinben 2026-03-09 01:16:59 +11:00
  • c61434b692 chore: change to specific ci image unkinben 2026-03-09 01:14:41 +11:00
  • 172ceac2fc Merge pull request 'feat: add templated policies for kubernetes' (#66) from benvin/kubernetes_structured_paths into master unkinben 2026-03-08 12:57:58 +11:00
  • 48a4fd0dd1 feat: add templated policies for kubernetes unkinben 2026-03-08 12:44:17 +11:00
  • 4dc09547ef Merge pull request 'fix: update audience for rpmbuilder' (#65) from benvin/default_aud into master unkinben 2026-03-08 12:29:43 +11:00
  • 546a9efe44 fix: update audience for rpmbuilder unkinben 2026-03-07 11:31:36 +11:00
  • 679cec4bc1 Merge pull request 'feat: add rpmbuilder k8s role' (#64) from benvin/rpmbuilder-in-k8s into master unkinben 2026-03-07 11:11:23 +11:00
  • 71789f9f32 feat: add rpmbuilder k8s role unkinben 2026-03-07 11:06:27 +11:00
  • 4cbcec58d3 Merge pull request 'feat: enable woodpecker access to ro tokens' (#63) from benvin/woodpecker_task_access into master unkinben 2026-03-07 10:52:38 +11:00
  • 9c93e185f8 feat: enable woodpecker access to ro tokens unkinben 2026-03-07 10:49:12 +11:00
  • d6c8474bd3 Merge pull request 'chore: move pgsql password to vault' (#62) from benvin/artifactapi_postgrespassword into master unkinben 2026-03-06 19:51:25 +11:00
  • 42351000ee chore: move pgsql password to vault unkinben 2026-03-06 19:39:36 +11:00
  • f7d1330c37 Merge pull request 'chore: add artifactapi k8s role' (#61) from benvin/artifactapi into master unkinben 2026-03-06 18:57:05 +11:00
  • d9e07e432e chore: add artifactapi k8s role unkinben 2026-03-06 18:47:31 +11:00
  • 14a258de7d Merge pull request 'chore: enable access woodpecker-agent-secret' (#60) from benvin/woodpecker_agent_secret into master unkinben 2026-03-03 23:34:32 +11:00
  • be8bcc3743 chore: enable access woodpecker-agent-secret unkinben 2026-03-03 23:30:49 +11:00
  • dc257b1bcd Merge pull request 'feat: add pre-commit check in ci' (#59) from benvin/woodpecker_integration into master unkinben 2026-02-28 22:28:21 +11:00
  • 66119e5207 feat: add pre-commit check in ci unkinben 2026-02-28 18:05:42 +11:00
  • 9e6de4dc32 Merge pull request 'feat: set max token life for auth_kubernetes_role' (#58) from benvin/token_max_ttl into master unkinben 2026-02-22 22:30:18 +11:00
  • 7cafafd483 feat: set max token life for auth_kubernetes_role unkinben 2026-02-22 22:28:21 +11:00
  • c94b2af196 Merge pull request 'feat: add woodpecker secrets' (#57) from benvin/woodpecker into master unkinben 2026-02-22 22:27:50 +11:00
  • dd44146d88 feat: add woodpecker secrets unkinben 2026-02-22 19:15:48 +11:00
  • 18a62332f6 Merge pull request 'chore: enable access to openldap admin creds' (#56) from benvin/ldap_admin_pass_terraform_ldap into master unkinben 2026-02-15 20:17:35 +11:00
  • 8fa68e2670 chore: enable access to openldap admin creds unkinben 2026-02-15 20:16:58 +11:00
  • 4cad39989f Merge pull request 'chore: add default_user_password credentials policy' (#55) from benvin/openldap_default_pass into master unkinben 2026-02-15 13:45:45 +11:00
  • c825962490 chore: add default_user_password credentials policy unkinben 2026-02-15 13:43:02 +11:00
  • 51bc3fffc0 Merge pull request 'feat: add terraform-ldap service' (#54) from benvin/terraform-ldap into master unkinben 2026-02-15 13:40:32 +11:00
  • dca26029c0 feat: add terraform-ldap service unkinben 2026-02-15 13:36:10 +11:00
  • d398911108 Merge pull request 'fix: kubernetes auth fixes' (#53) from benvin/kubernetes_fixes into master unkinben 2026-02-15 13:08:43 +11:00
  • c093d5830d fix: kubernetes auth fixes unkinben 2026-02-15 13:06:08 +11:00
  • 4b176846f2 Merge pull request 'feat: add identity secrets' (#52) from benvin/identity into master unkinben 2026-02-15 13:02:01 +11:00
  • 90b765d713 feat: add identity secrets unkinben 2026-02-15 13:01:06 +11:00
  • 3fb5a64a17 Merge pull request 'feat: add kubernetes ldap groups' (#51) from benvin/kubernetes_ldap_groups into master unkinben 2026-02-14 19:48:56 +11:00
  • 33a746e545 feat: add kubernetes ldap groups unkinben 2026-02-14 19:46:39 +11:00
  • 4fe0e0de73 Merge pull request 'feat: add terraform_k8s approle' (#50) from benvin/terraform_k8s_approle into master unkinben 2026-02-14 19:38:46 +11:00
  • a47f841028 feat: add terraform_k8s approle unkinben 2026-02-14 19:37:22 +11:00
  • 9192879c03 Merge pull request 'feat: use ephemeral consul token' (#49) from benvin/use_consul_creds into master unkinben 2026-02-14 18:59:56 +11:00
  • 5cdf6b410d feat: use ephemeral consul token unkinben 2026-02-14 18:59:05 +11:00
  • b51617c009 Merge pull request 'feat: implement consul ACL management with provider aliases' (#48) from benvin/consul_backend into master unkinben 2026-02-14 18:41:49 +11:00
  • 66ee6430fa Merge pull request 'feat: add tf_vault required policies' (#47) from benvin/tf-vault-policy-updates into master unkinben 2026-02-14 18:41:33 +11:00
  • fd03727ec2 feat: add tf_vault required policies unkinben 2026-02-14 18:39:21 +11:00
  • 5536869a38 feat: implement consul ACL management with provider aliases unkinben 2026-02-08 15:55:30 +11:00
  • f8f1185b42 Merge pull request 'chore: add puppet k8s role' (#46) from benvin/puppet_secrets into master unkinben 2026-02-01 14:54:45 +11:00
  • 75e9db1aa6 chore: add puppet k8s role unkinben 2026-02-01 14:54:23 +11:00
  • f47804ffdf Merge pull request 'chore: rancher pods use rancher service account' (#45) from benvin/rancher_role into master unkinben 2026-01-30 22:11:53 +11:00
  • 24c124d6eb chore: rancher pods use rancher service account unkinben 2026-01-30 19:53:00 +11:00
  • 9d54b4cfcc Merge pull request 'chore: add rancher role' (#44) from benvin/rancher_role into master unkinben 2026-01-30 19:46:19 +11:00
  • 33af7010fb chore: add rancher role unkinben 2026-01-30 19:43:06 +11:00
  • cb1b383035 Merge pull request 'feat: major restructuring in migration to terragrunt' (#43) from benvin/vault_terragrunt into master unkinben 2026-01-26 23:53:35 +11:00
  • f6d06cb319 chore: cleanup unused config data unkinben 2026-01-26 23:51:50 +11:00
  • 1c9e063310 Merge branch 'master' into benvin/vault_terragrunt unkinben 2026-01-26 23:07:13 +11:00
  • 8070b6f66b feat: major restructuring in migration to terragrunt unkinben 2026-01-04 23:31:42 +11:00
  • b115b7d28a Merge pull request 'chore: add nzbget secrets' (#42) from benvin/nzbget into master unkinben 2026-01-26 18:31:48 +11:00
  • 25e3d48337 chore: add nzbget secrets unkinben 2026-01-26 18:30:49 +11:00
  • fdc801739f Merge pull request 'feat: add prowlarr access' (#41) from benvin/prowlarr_policy into master unkinben 2026-01-04 23:37:23 +11:00
  • 56d858f900 feat: add prowlarr access unkinben 2026-01-04 23:36:43 +11:00
  • bd112181f5 Merge pull request 'feat: add policy to read terraform vars' (#40) from benvin/repoflow_terraform into master unkinben 2025-12-13 10:57:33 +11:00
  • 4f185d5e28 feat: add policy to read terraform vars unkinben 2025-12-13 10:56:58 +11:00
  • 65ad53e24c Merge pull request 'feat: add repoflow service vault configuration' (#39) from benvin/repoflow into master unkinben 2025-12-13 10:13:33 +11:00
  • d217f6e42d Merge pull request 'feat: add repoflow tokens' (#38) from benvin/repoflow_tokens into master unkinben 2025-12-13 10:10:07 +11:00
  • 9814b8fc1a feat: add repoflow tokens unkinben 2025-12-13 10:09:29 +11:00
  • 7b81abfa9e feat: add repoflow service vault configuration unkinben 2025-12-13 09:20:41 +11:00
  • 2466a6fe5c Merge pull request 'feat: label kubernetes ephemeral serviceaccounts' (#37) from benvin/k8s_roles_labelling into master unkinben 2025-12-07 12:42:45 +11:00
  • c88b19a216 feat: label kubernetes ephemeral serviceaccounts unkinben 2025-12-07 12:41:37 +11:00
  • 3bada72838 Merge pull request 'chore: allow long lines in yamllint' (#36) from benvin/yamlint-args into master unkinben 2025-12-01 21:51:11 +11:00
  • 8961ba3748 chore: allow long lines in yamllint unkinben 2025-12-01 21:50:49 +11:00
  • 26b3ee84d6 Merge pull request 'chore: fix policies for rpmbuilder' (#35) from benvin/fix_rpmbuilder into master unkinben 2025-11-30 21:24:52 +11:00
  • 0776fac6eb chore: fix policies for rpmbuilder unkinben 2025-11-30 21:24:06 +11:00
  • 3a2ecc9b23 Merge pull request 'feat: add rpmbuilder approle' (#34) from benvin/rpmbuilder into master unkinben 2025-11-29 18:01:37 +11:00
  • 5afd1ad9c1 feat: add rpmbuilder approle unkinben 2025-11-29 18:00:20 +11:00
  • 756286c231 chore: update name, role type for k8s unkinben 2025-11-29 00:09:57 +11:00
  • 9cc482d471 Merge pull request 'feat: add kubernetes secrets engine with RBAC roles for au-syd1 cluster' (#33) from benvin/au-syd1-k8s-roles into master unkinben 2025-11-27 23:31:04 +11:00
  • 6624f7aed1 feat: add kubernetes secrets engine with RBAC roles for au-syd1 cluster unkinben 2025-11-27 23:22:13 +11:00
  • ad1118af85 Merge pull request 'chore: remove references k8s pki policy' (#32) from benvin/cleanup_k8s_pki_policy_reference into master unkinben 2025-11-27 21:08:29 +11:00
  • cafa887cdc chore: remove references k8s pki policy unkinben 2025-11-27 21:07:50 +11:00
  • f10f96d19c Merge pull request 'feat: move state path in consul' (#31) from benvin/move-state-path into master unkinben 2025-11-27 21:05:55 +11:00
  • da0e0e4239 feat: move state path in consul unkinben 2025-11-27 21:04:44 +11:00
  • 2efbf7cc6e Merge pull request 'chore: remove k8s pki policy' (#30) from benvin/cleanup_k8s_pki into master unkinben 2025-11-27 20:43:08 +11:00
  • b9deb02cfb chore: remove k8s pki policy unkinben 2025-11-27 20:42:27 +11:00
  • 391c77d30b Merge pull request 'feat: add media-apps integration with vault' (#29) from benvin/media_apps_k8s into master unkinben 2025-11-27 20:41:52 +11:00