65 lines
1.9 KiB
YAML
65 lines
1.9 KiB
YAML
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: ${AKS_SERVICE_PROVIDER}
|
|
namespace: ${AKS_NAMESPACE}
|
|
spec:
|
|
provider: azure
|
|
parameters:
|
|
usePodIdentity: "false"
|
|
clientID: "${USER_ASSIGNED_CLIENT_ID}" # Setting this to use workload identity
|
|
keyvaultName: ${KEYVAULT_NAME} # Set to the name of your key vault
|
|
cloudName: "" # [OPTIONAL for Azure] if not provided, the Azure environment defaults to AzurePublicCloud
|
|
objects: |
|
|
array:
|
|
- |
|
|
objectName: EDCMYSQLHOST
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCMYSQLUSER
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCMYSQLPASS
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCSMTPHOST
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCSMTPPORT
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCSMTPUSER
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCSMTPPASS
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCSMTPFROMEMAIL
|
|
objectType: secret
|
|
- |
|
|
objectName: EDCSMTPFROMNAME
|
|
objectType: secret
|
|
|
|
tenantId: "${IDENTITY_TENANT}" # The tenant ID of the key vault
|
|
secretObjects:
|
|
- secretName: edcenter-secret
|
|
type: Opaque
|
|
data:
|
|
- key: EDCMYSQLHOST
|
|
objectName: EDCMYSQLHOST
|
|
- key: EDCMYSQLUSER
|
|
objectName: EDCMYSQLUSER
|
|
- key: EDCMYSQLPASS
|
|
objectName: EDCMYSQLPASS
|
|
- key: EDCSMTPHOST
|
|
objectName: EDCSMTPHOST
|
|
- key: EDCSMTPPORT
|
|
objectName: EDCSMTPPORT
|
|
- key: EDCSMTPUSER
|
|
objectName: EDCSMTPUSER
|
|
- key: EDCSMTPPASS
|
|
objectName: EDCSMTPPASS
|
|
- key: EDCSMTPFROMEMAIL
|
|
objectName: EDCSMTPFROMEMAIL
|
|
- key: EDCSMTPFROMNAME
|
|
objectName: EDCSMTPFROMNAME |