Bridgeman-Accessible/custom-hashicorp-vault-helm
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Attempted to make the changes and add things that will be needed for the new k8s mode
All checks were successful
Deploy the Helm Chart / build (push) Successful in 12s
Details

Browse source
This commit is contained in:
Alan Bridgeman 2026-04-05 15:46:22 -05:00
parent 9e288e7404
commit 1912114d63
6 changed files with 65 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

34
values.yaml
View file

@ -76,22 +76,32 @@ create:
# Configurations for the AppRole authentication method for the created Vault instance
appRole:
# The name of the environment variable/secret that contains the Role ID for the app
# The mode within which it runs this determines how approle data is shared
#
# | Value | Description |
# | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
# | `file` | This creates a .env file with the approle data. This is useful in situations where sharing data across filesystems makes sense. Ex. docker compose |
# | `k8s` | This creates Kubernetes configurations and secrets for the approle data. This is useful in situations where sharing data via Kubernetes resources makes sense. Ex. In the same k8s cluster, etc... |
mode: 'file'
# In `file` mode - the name of the environment variable/secret that contains the Role ID for the app
# In `k8s` mode - the name of the Kubernetes secret that contains the Role ID for the app
roleIDSecretName: VAULT_ROLE_ID
# The name of the environment variable/secret that contains the Secret ID for the app
# In `file` mode - the name of the environment variable/secret that contains the Secret ID for the app
# In `k8s` mode - the name of the Kubernetes secret that contains the Secret ID for the app
secretIDSecretName: VAULT_SECRET_ID
# Configurations for the `role-vars` Persistent Volume Claim (PVC).
# The `role-vars` PVC is used for the app's AppRole auth access variables (role & secret IDs etc...)
roleVarsPVC:
# Because the PVC needs to be a RWX type volume (so that multiple pods can access it)
# Because the app and the vault are separate pods.
# We need to use a storage class that supports RWX (Custom create CephFS backed storage class)
storageClassName: vault-role-vars-rook-cephfs
# The size of the PVC (note because this is largely just credentials a small size is sufficient)
size: 512Mi
# Configurations for the `role-vars` Persistent Volume Claim (PVC).
# The `role-vars` PVC is used for the app's AppRole auth access variables (role & secret IDs etc...)
roleVarsPVC:
# Because the PVC needs to be a RWX type volume (so that multiple pods can access it)
# Because the app and the vault are separate pods.
# We need to use a storage class that supports RWX (Custom create CephFS backed storage class)
storageClassName: vault-role-vars-rook-cephfs
# The size of the PVC (note because this is largely just credentials a small size is sufficient)
size: 512Mi
# Configurations for the `vault-data` Persistent Volume Claim (PVC).
# The `vault-data` PVC is used for the Vault's data storage.