35 lines
945 B
Plaintext
35 lines
945 B
Plaintext
server:
|
|
%{ if ingress != null }
|
|
ingress:
|
|
enabled: ${ tobool(coalesce(ingress.enabled, false)) }
|
|
%{ if ingress.className != null }
|
|
ingressClassName: ${ ingress.className }
|
|
%{ endif }
|
|
%{ if ingress.annotations != null }
|
|
annotations:
|
|
%{ for key, value in ingress.annotations ~}
|
|
${ key }: "${ value }"
|
|
%{ endfor ~}
|
|
%{ endif }
|
|
hosts:
|
|
- host: ${ service_uri }
|
|
paths: []
|
|
%{ if ingress.tls }
|
|
tls:
|
|
- secretName: vault-tls
|
|
hosts:
|
|
- ${ service_uri }
|
|
%{ endif }
|
|
%{ endif }
|
|
extraEnvironmentVars:
|
|
VAULT_SEAL_TYPE: "awskms"
|
|
AWS_REGION: "${ aws.region }"
|
|
VAULT_AWSKMS_SEAL_KEY_ID: "${ aws.kms_key_id }"
|
|
extraSecretEnvironmentVars:
|
|
- envName: AWS_ACCESS_KEY_ID
|
|
secretName: vault-aws-creds
|
|
secretKey: AWS_ACCESS_KEY_ID
|
|
- envName: AWS_SECRET_ACCESS_KEY
|
|
secretName: vault-aws-creds
|
|
secretKey: AWS_SECRET_ACCESS_KEY
|