apiVersion: v1
kind: Namespace
metadata:
  name: vswh
  labels:
    app.kubernetes.io/component: vswh
    pod-security.kubernetes.io/enforce: privileged
---

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: vault-secrets-webhook
  namespace: flux-system
spec:
  interval: 10m
  releaseName: vswh
  chartRef:
    kind: OCIRepository
    name: vault-secrets-webhook
    namespace: flux-system
  targetNamespace: vswh
  values:
    # vaultEnv:
    #   repository: hub.ntk.novotelecom.ru/img/vault-env
    certificate:
      certLifespan: 3650
---

apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: vault-operator-rbac
  namespace: flux-system
spec:
  interval: 5m
  prune: true
  sourceRef:
    kind: GitRepository
    name: vault-operator
    namespace: flux-system
  targetNamespace: vswh
  path: ./deploy/rbac