studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(devtools): migrate Gitea to OpenBao DB static role; sync admin creds via VSO

Browse Source 
- gitea-db-credentials is now a VaultDynamicSecret reading from
  database/static-creds/gitea (OpenBao static role, 24h password rotation).
  Replaces the previous KV-based Secret that used a hardcoded localdev password.
- gitea-admin-credentials and gitea-s3-credentials remain VaultStaticSecrets
  synced from secret/gitea and secret/seaweedfs respectively.
- gitea-values.yaml adds gitea.admin.existingSecret so the chart reads the
  admin username/password from the VSO-managed Secret instead of values.
This commit is contained in:
Sienna Meridian Satterwhite
2026-03-02 18:33:16 +00:00
parent c7b812dde8
commit 8cb705fecc
3 changed files with 88 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
base/devtools/kustomization.yaml
View File

@@ -5,6 +5,7 @@ namespace: devtools
resources:
- namespace.yaml
- vault-secrets.yaml
helmCharts:
# helm repo add gitea-charts https://dl.gitea.com/charts/