Remove Vault dependency for deployments

2021-06-14 16:27:19 +02:00
parent 7cfa7a7bf1
commit c6a9c7ab35
8 changed files with 79 additions and 34 deletions
--- a/services/Bitwarden/deploy-Bitwarden.yml
+++ b/services/Bitwarden/deploy-Bitwarden.yml
@ -26,16 +26,6 @@ spec:
      app: bitwarden
  template:
    metadata:
-      annotations:
-        vault.hashicorp.com/agent-inject: "true"
-        vault.hashicorp.com/agent-inject-secret-bitwarden: "secret/bitwarden"
-        vault.hashicorp.com/role: "bitwarden"
-        vault.hashicorp.com/agent-inject-template-bitwarden: |
-          {{ with secret "secret/bitwarden" -}}
-            export ADMIN_TOKEN="{{ .Data.data.admintoken }}"
-            export YUBICO_CLIENT_ID="{{ .Data.data.yubicoclientid }}"
-            export YUBICO_SECRET_KEY="{{ .Data.data.yubicosecretkey }}"
-          {{- end }}
      labels:
        app: bitwarden
    spec:
@ -43,7 +33,6 @@ spec:
      containers:
      - name: bitwarden
        image: bv11-cr01.bessems.eu/proxy/vaultwarden/server
-        args: ["sh", "-c", ". /vault/secrets/bitwarden && /start.sh"]
        env:
        - name: ENABLE_DB_WAL
          value: "false"
@ -59,6 +48,9 @@ spec:
          value: "debug"
        - name: EXTENDED_LOGGING
          value: "true"
+        envFrom:
+        - secretRef:
+            name: bitwarden-secret
        ports:
          - name: ui
            containerPort: 8080
--- a/services/Bitwarden/secret-Bitwarden.yml.template
+++ b/services/Bitwarden/secret-Bitwarden.yml.template
@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: bitwarden-secret
+  labels:
+    app: bitwarden
+stringData:
+    admintoken: '<removed>'
+    yubicoclientid: '<removed>'
+    yubicosecretkey: '<removed>'