From 60e9e0f18e88ca1f1ad6356dbda19ae4ffd365b5 Mon Sep 17 00:00:00 2001 From: Malo BRIANT Date: Wed, 20 Dec 2023 14:37:35 +0100 Subject: [PATCH] feat: add SA in patch --- .kontinuous/patches/secrets.js | 10 +++++++--- .kontinuous/values.yaml | 1 - 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.kontinuous/patches/secrets.js b/.kontinuous/patches/secrets.js index 824ad368..e66534ce 100644 --- a/.kontinuous/patches/secrets.js +++ b/.kontinuous/patches/secrets.js @@ -9,10 +9,10 @@ module.exports = (manifests) => { ...manifest.spec.template.metadata.annotations, "vault.hashicorp.com/service": "http://vault.vault-dev.svc:8200", "vault.hashicorp.com/agent-inject": "true", - "vault.hashicorp.com/role": "webapp", + "vault.hashicorp.com/role": "dev", "vault.hashicorp.com/agent-inject-secret-nextauth": 'kv/data/dev/nextauth_secret', - "vault.hashicorp.com/agent-inject-secret-keycloack_client_id": 'kv/data/dev/keycloack_client_id', - "vault.hashicorp.com/agent-inject-secret-keycloack_client_secret": 'kv/data/dev/keycloack_client_secret', + "vault.hashicorp.com/agent-inject-secret-keycloak_client_id": 'kv/data/dev/keycloak_client_id', + "vault.hashicorp.com/agent-inject-secret-keycloak_client_secret": 'kv/data/dev/keycloak_client_secret', "vault.hashicorp.com/agent-inject-template-dev": '| \ {{- with secret "kv/dev/nextauth_secret" -}} \ {{- range $key, $value := .Data.data }} \ @@ -20,6 +20,10 @@ module.exports = (manifests) => { {{- end }} \ {{- end }}' }; + manifest.spec.template.spec = { + ...manifest.spec.template.spec, + serviceAccountName: "vault" + }; } } return manifests; diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index 050f41f5..70dce64f 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -37,7 +37,6 @@ app: imagePackage: app containerPort: 3000 probesPath: "/healthz" - serviceAccountName: vault securityContext: fsGroup: 1001 runAsGroup: 1000