Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openbao-helm/test/acceptance/injector-test/job.yaml
jessebot b473c07acc update more vault to openbao everywhere 
Signed-off-by: jessebot <jessebot@linux.com>
2024-05-29 10:43:12 -04:00

42 lines
1.1 KiB
YAML
Raw Blame History

# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pgdump
labels:
app: pgdump
---
apiVersion: batch/v1
kind: Job
metadata:
name: pgdump
spec:
backoffLimit: 0
template:
metadata:
name: pgdump
labels:
app: pgdump
annotations:
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/agent-inject-secret-db-creds: "database/creds/db-backup"
vault.hashicorp.com/agent-inject-template-db-creds: |
{{- with secret "database/creds/db-backup" -}}
postgresql://{{ .Data.username }}:{{ .Data.password }}@postgres.acceptance.svc.cluster.local:5432/mydb
{{- end }}
vault.hashicorp.com/role: "db-backup"
vault.hashicorp.com/agent-pre-populate-only: "true"
spec:
serviceAccountName: pgdump
containers:
- name: pgdump
image: postgres:11.5
command:
- "/bin/sh"
- "-ec"
args:
- "/usr/bin/pg_dump $(cat /openbao/secrets/db-creds) --no-owner > /dev/stdout"
restartPolicy: Never
Reference in a new issue View git blame Copy permalink