feat(vso): deploy Vault Secrets Operator; add test RBAC + amd64 image aliases
- Add base/vso/ with Helm chart (v0.9.0 from helm.releases.hashicorp.com), namespace, and test-rbac.yaml granting the Helm test pod's default SA permission to create/read/delete Secrets, ConfigMaps, and Leases so the bundled connectivity test passes. - Wire ../../base/vso into overlays/local/kustomization.yaml. - Add image aliases for lasuite/people-backend and lasuite/people-frontend so kustomize rewrites those pulls to our Gitea registry (amd64-only images that are patched and mirrored by sunbeam.py).
This commit is contained in:
8
base/vso/vso-values.yaml
Normal file
8
base/vso/vso-values.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
# Vault Secrets Operator Helm values
|
||||
# chart: vault-secrets-operator from https://helm.releases.hashicorp.com
|
||||
# Connects to OpenBao (Vault-compatible) running in the data namespace.
|
||||
|
||||
defaultVaultConnection:
|
||||
enabled: true
|
||||
address: "http://openbao.data.svc.cluster.local:8200"
|
||||
skipTLSVerify: false # OpenBao has TLS disabled (tlsDisable: true in openbao-values.yaml)
|
||||
Reference in New Issue
Block a user