c33dcdc447
ci/woodpecker/push/apply Pipeline was successful
## Summary - K8s auth role for Woodpecker CI (`terraform-authentik` SA in `woodpecker` namespace) - AppRole for local terraform runs - Consul secret backend role (`terraform-authentik`, TTL 120/300) - Consul ACL policy for `infra/terraform/authentik/` key prefix - Vault policy granting both auth methods access to Consul creds Reviewed-on: #78 Co-authored-by: Ben Vincent <ben@unkin.net> Co-committed-by: Ben Vincent <ben@unkin.net>
10 lines
196 B
YAML
10 lines
196 B
YAML
token_ttl: 120
|
|
token_max_ttl: 120
|
|
bind_secret_id: false
|
|
token_bound_cidrs:
|
|
- "10.10.12.200/32"
|
|
- "198.18.25.102/32"
|
|
- "198.18.26.91/32"
|
|
- "198.18.27.40/32"
|
|
use_deterministic_role_id: true
|