From 9113bced5b5e26c6f9da8a5e54e1d37b5f228e5d Mon Sep 17 00:00:00 2001 From: Mike Tougeron Date: Tue, 5 Nov 2024 01:08:01 -0800 Subject: [PATCH] Update VaultAppRole documentation to show/use roleRef in its examples (#4035) Signed-off-by: Mike Tougeron Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com> --- docs/snippets/full-cluster-secret-store.yaml | 9 +++++++-- docs/snippets/full-secret-store.yaml | 8 ++++++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/docs/snippets/full-cluster-secret-store.yaml b/docs/snippets/full-cluster-secret-store.yaml index 6e46a3e44..81a416aab 100644 --- a/docs/snippets/full-cluster-secret-store.yaml +++ b/docs/snippets/full-cluster-secret-store.yaml @@ -68,11 +68,16 @@ spec: # AppRole auth: https://www.vaultproject.io/docs/auth/approle appRole: path: "approle" - roleId: "db02de05-fa39-4855-059b-67221c5c2f63" + # Instead of referencing the AppRole's ID from the secret, you can also specify it directly + # roleId: "db02de05-fa39-4855-059b-67221c5c2f63" + roleRef: + name: "my-secret" + namespace: "secret-admin" + key: "vault-role-id" secretRef: name: "my-secret" namespace: "secret-admin" - key: "vault-token" + key: "vault-role-secret" # Kubernetes auth: https://www.vaultproject.io/docs/auth/kubernetes kubernetes: diff --git a/docs/snippets/full-secret-store.yaml b/docs/snippets/full-secret-store.yaml index f6bd9db29..afec84f57 100644 --- a/docs/snippets/full-secret-store.yaml +++ b/docs/snippets/full-secret-store.yaml @@ -82,10 +82,14 @@ spec: # AppRole auth: https://www.vaultproject.io/docs/auth/approle appRole: path: "approle" - roleId: "db02de05-fa39-4855-059b-67221c5c2f63" + # Instead of referencing the AppRole's ID from the secret, you can also specify it directly + # roleId: "db02de05-fa39-4855-059b-67221c5c2f63" + roleRef: + name: "my-secret" + key: "vault-role-id" secretRef: name: "my-secret" - key: "vault-token" + key: "vault-role-secret" # Kubernetes auth: https://www.vaultproject.io/docs/auth/kubernetes kubernetes: