mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
external-secrets/e2e/k8s/vault.values.yaml
Rodrigo Fior Kuntzer 31cecaa62b
feat: add support for Hashicorp Vault mTLS (#3018) 
* feat: adding support for mTLS to the Vault provider

Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-01-19 00:43:28 +01:00

35 lines
1 KiB
YAML
Raw Blame History

injector:
enabled: false
server:
extraEnvironmentVars:
VAULT_CACERT: /etc/vault-config/vault-server-ca.pem
VAULT_ADDR: https://127.0.0.1:8200
volumeMounts:
- name: tls-config
mountPath: /etc/vault-config
readOnly: true
volumes:
- name: tls-config
secret:
secretName: vault-tls-config
standalone:
config: |
ui = true
listener "tcp" {
address = "[::]:8200"
cluster_address = "[::]:8201"
tls_cert_file = "/etc/vault-config/server-cert.pem"
tls_key_file = "/etc/vault-config/server-cert-key.pem"
tls_client_ca_file = "/etc/vault-config/vault-client-ca.pem"
}
listener "tcp" {
address = "[::]:8210"
cluster_address = "[::]:8211"
tls_cert_file = "/etc/vault-config/server-cert.pem"
tls_key_file = "/etc/vault-config/server-cert-key.pem"
tls_client_ca_file = "/etc/vault-config/vault-client-ca.pem"
tls_require_and_verify_client_cert = true
}
storage "file" {
path = "/vault/data"
}
View git blame Copy permalink