feat: add vault and consul roles for terraform-git #73

Merged
benvin merged 1 commits from feat/terraform-git-roles into master 2026-06-07 20:36:35 +10:00
Owner

Summary

  • Add K8s auth role woodpecker_terraform_git for CI pipeline authentication
  • Add consul secret backend role terraform-git for consul state storage tokens
  • Add consul ACL policy granting write access to infra/terraform/git/ key prefix
  • Add vault policy for reading consul creds at consul_root/au/syd1/creds/terraform-git

Test plan

  • Verify terragrunt plan succeeds
  • Verify consul ACL policy is created correctly
  • Verify K8s auth role can authenticate from woodpecker namespace
## Summary - Add K8s auth role woodpecker_terraform_git for CI pipeline authentication - Add consul secret backend role terraform-git for consul state storage tokens - Add consul ACL policy granting write access to infra/terraform/git/ key prefix - Add vault policy for reading consul creds at consul_root/au/syd1/creds/terraform-git ## Test plan - [ ] Verify terragrunt plan succeeds - [ ] Verify consul ACL policy is created correctly - [ ] Verify K8s auth role can authenticate from woodpecker namespace
unkinben added 1 commit 2026-06-07 20:03:27 +10:00
feat: add vault and consul roles for terraform-git
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/plan Pipeline was successful
61f5cec4ff
Add K8s auth role, consul secret backend role, consul ACL policy, and
vault policy to allow terraform-git CI to store state in Consul.
benvin merged commit 1288057b81 into master 2026-06-07 20:36:35 +10:00
benvin deleted branch feat/terraform-git-roles 2026-06-07 20:36:36 +10:00
Sign in to join this conversation.
No Reviewers
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: unkin/terraform-vault#73