/
helm.tf
64 lines (53 loc) · 1.36 KB
/
helm.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
resource "helm_release" "csi" {
name = "csi"
namespace = "kube-system"
repository = "https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts"
chart = "secrets-store-csi-driver"
version = var.csi_helm_version
set {
name = "enableSecretRotation"
value = "true"
}
set {
name = "syncSecret.enabled"
value = "true"
}
}
resource "helm_release" "vault" {
depends_on = [helm_release.csi]
name = "vault"
namespace = "vault"
create_namespace = true
repository = "https://helm.releases.hashicorp.com"
chart = "vault"
version = var.vault_helm_version
set {
name = "injector.enabled"
value = "true"
}
set {
name = "injector.externalVaultAddr"
value = local.hcp_vault_private_address
}
set {
name = "csi.enabled"
value = "true"
}
}
resource "helm_release" "vault_operator" {
depends_on = [helm_release.vault]
name = "vault-secrets-operator"
namespace = "vault-secrets-operator"
create_namespace = true
repository = "https://helm.releases.hashicorp.com"
chart = "vault-secrets-operator"
version = var.vault_operator_helm_version
set {
name = "defaultVaultConnection.enabled"
value = "true"
}
set {
name = "defaultVaultConnection.address"
value = local.hcp_vault_private_address
}
}