74 lines
1.9 KiB
YAML
74 lines
1.9 KiB
YAML
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: vault-test
|
|
---
|
|
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: vault
|
|
namespace: vault-test
|
|
---
|
|
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: test-key-secret
|
|
namespace: vault-test
|
|
annotations:
|
|
vault.security.banzaicloud.io/vault-addr: "http://vault.vault.svc:8200"
|
|
vault.security.banzaicloud.io/vault-skip-verify: "true"
|
|
vault.security.banzaicloud.io/vault-path: "kubernetes"
|
|
stringData:
|
|
APPLE: vault:kv/data/myenvs#APPLE
|
|
type: Opaque
|
|
---
|
|
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: test-key-configmap
|
|
namespace: vault-test
|
|
annotations:
|
|
vault.security.banzaicloud.io/vault-addr: "http://vault.vault.svc:8200"
|
|
vault.security.banzaicloud.io/vault-skip-verify: "true"
|
|
vault.security.banzaicloud.io/vault-path: "kubernetes"
|
|
data:
|
|
BANANA: vault:kv/data/myenvs#BANANA
|
|
---
|
|
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: vault-test
|
|
namespace: vault-test
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: vault
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: vault
|
|
annotations:
|
|
vault.security.banzaicloud.io/vault-addr: "http://vault.vault.svc:8200"
|
|
vault.security.banzaicloud.io/vault-role: "vault-test"
|
|
vault.security.banzaicloud.io/vault-skip-verify: "true"
|
|
vault.security.banzaicloud.io/vault-path: "kubernetes"
|
|
vault.security.banzaicloud.io/vault-env-from-path: "kv/data/myenvs"
|
|
spec:
|
|
serviceAccountName: vault
|
|
containers:
|
|
- name: alpine
|
|
image: alpine
|
|
command: ["sh", "-c", "echo $BLUEBERRY && echo going to sleep... && sleep 10000"]
|
|
env:
|
|
- name: BLUEBERRY
|
|
value: vault:kv/data/myenvs#BLUEBERRY
|
|
- name: CARROT
|
|
value: vault:kv/data/myenvs#CARROT
|
|
- name: CUCUMBER
|
|
value: vault:kv/data/myenvs#CUCUMBER
|