Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
templates vault-secrets-webhook: make images configurable Jan 28, 2019
.helmignore Add vault-secrets-webhook Dec 10, 2018
Chart.yaml bump version Jan 28, 2019
README.md Add support for bank-vaults webhook debug flag Jan 23, 2019
values.yaml vault-secrets-webhook: make images configurable Jan 28, 2019

README.md

Vault Secrets webhook

This chart will install a mutating admission webhook, that injects an executable to containers in a deployment/statefulset which than can request secrets from Vault through environment variable definitions.

Installing the Chart

$ helm repo add banzaicloud-stable http://kubernetes-charts.banzaicloud.com/branch/master
$ helm repo update

The chart needs to be installed into it's own namespace to overcome recursive mutation issues, that namespace is ignored by the mutating webhook. See: https://github.com/banzaicloud/banzai-charts/issues/595#issuecomment-452223465 for more information.

$ helm upgrade --namespace vswh --install vswh banzaicloud-stable/vault-secrets-webhook

Configuration

The following tables lists configurable parameters of the vault-secrets-webhook chart and their default values.

Parameter Description Default
affinity affinities to use {}
debug debug logs for webhook false
image.pullPolicy image pull policy IfNotPresent
image.repository image repo that contains the admission server banzaicloud/vault-secrets-webhook
image.tag image tag latest
nodeSelector node selector to use {}
replicaCount number of replicas 1
resources resources to request {}
service.externalPort webhook service external port 443
service.internalPort webhook service external port 443
service.name webhook service name vault-secrets-webhook
service.type webhook service type ClusterIP
tolerations tolerations to add []