init

2022-07-28 00:51:41 +07:00
parent c3ba7baa48
commit b38288eba7
8 changed files with 45 additions and 136 deletions
--- a/k8s/vault-test.yaml
+++ b/k8s/vault-test.yaml
@@ -0,0 +1,42 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: vault-test
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: sa-vault
+  namespace: vault-test
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: vault-test-deployment
+  namespace: vault-test
+  labels:
+    app: vault-test
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: vault-test
+  template:
+    metadata:
+      labels:
+        app: vault-test
+      annotations:
+        vault.hashicorp.com/agent-inject: 'true'
+        vault.hashicorp.com/role: 'vault-test'
+        vault.hashicorp.com/agent-inject-secret-credentials.txt: 'kv/secret/data/vault-test/config'
+        vault.hashicorp.com/agent-inject-template-credentials.txt: |
+          {{- with secret "kv/secret/data/vault-test/config" -}}
+          postgresql://{{ .Data.data.username }}:{{ .Data.data.password }}@{{ .Data.data.psqlhost }}:5432/{{ .Data.data.database }}
+          {{- end -}}
+    spec:
+      serviceAccountName: sa-vault
+      containers:
+        - name: app
+          image: nginx