bb5f6922fa
ci/woodpecker/push/apply Pipeline was successful
## Summary - Add read policy for kv/data/service/gitea/webhook/* path - Assigned to terraform_git approle and woodpecker_terraform_git k8s auth role - Webhook URLs are stored in Vault KV and read at plan/apply time ## Test plan - [ ] Verify terragrunt plan succeeds for terraform-git after merge Reviewed-on: #75 Co-authored-by: Ben Vincent <ben@unkin.net> Co-committed-by: Ben Vincent <ben@unkin.net>
12 lines
181 B
YAML
12 lines
181 B
YAML
---
|
|
rules:
|
|
- path: "kv/data/service/woodpecker/tokens/gitadmin"
|
|
capabilities:
|
|
- read
|
|
|
|
auth:
|
|
approle:
|
|
- terraform_git
|
|
k8s/au/syd1:
|
|
- woodpecker_terraform_git
|