Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
templates vault-secrets-webhook: make images configurable Jan 28, 2019
.helmignore Add vault-secrets-webhook Dec 10, 2018
Chart.yaml bump version Jan 28, 2019 Add support for bank-vaults webhook debug flag Jan 23, 2019
values.yaml vault-secrets-webhook: make images configurable Jan 28, 2019

Vault Secrets webhook

This chart will install a mutating admission webhook, that injects an executable to containers in a deployment/statefulset which than can request secrets from Vault through environment variable definitions.

Installing the Chart

$ helm repo add banzaicloud-stable
$ helm repo update

The chart needs to be installed into it's own namespace to overcome recursive mutation issues, that namespace is ignored by the mutating webhook. See: for more information.

$ helm upgrade --namespace vswh --install vswh banzaicloud-stable/vault-secrets-webhook


The following tables lists configurable parameters of the vault-secrets-webhook chart and their default values.

Parameter Description Default
affinity affinities to use {}
debug debug logs for webhook false
image.pullPolicy image pull policy IfNotPresent
image.repository image repo that contains the admission server banzaicloud/vault-secrets-webhook
image.tag image tag latest
nodeSelector node selector to use {}
replicaCount number of replicas 1
resources resources to request {}
service.externalPort webhook service external port 443
service.internalPort webhook service external port 443 webhook service name vault-secrets-webhook
service.type webhook service type ClusterIP
tolerations tolerations to add []