From bcb7aab9fe04267c63fb85ca499f3834139702b9 Mon Sep 17 00:00:00 2001 From: Kochetkov S Date: Wed, 15 Apr 2026 16:56:02 +0300 Subject: [PATCH] add vault support --- .../infrastructure/patches/camunda.yaml | 24 +++++++++++++++++++ infrastructure/camunda/base/helmrelease.yaml | 2 +- 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/clusters/yc-k8s-test/infrastructure/patches/camunda.yaml b/clusters/yc-k8s-test/infrastructure/patches/camunda.yaml index f7b99c4..82d6186 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/camunda.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/camunda.yaml @@ -8,6 +8,10 @@ spec: timeout: 15m values: global: + vault: + enabled: true + role: camunda + authPath: auth/kubernetes image: pullSecrets: - name: regcred @@ -27,20 +31,40 @@ spec: console: redirectUrl: "https://camunda-console.contour.infra.sarex.tech" identityPostgresql: + auth: + usePasswordFiles: true primary: persistence: size: 10Gi storageClass: local-path identityKeycloak: + vaultEnv: + enabled: true + role: camunda + authPath: auth/kubernetes + envFiles: + KEYCLOAK_ADMIN_PASSWORD: + path: secrets/data/camunda/keycloak-admin + key: admin-password + KEYCLOAK_PASSWORD: + path: secrets/data/camunda/keycloak-admin + key: admin-password + KEYCLOAK_DATABASE_PASSWORD: + path: secrets/data/camunda/postgresql + key: password global: storageClass: local-path tolerations: [] postgresql: + auth: + usePasswordFiles: true primary: persistence: size: 10Gi storageClass: local-path postgresql: + auth: + usePasswordFiles: true primary: persistence: size: 10Gi diff --git a/infrastructure/camunda/base/helmrelease.yaml b/infrastructure/camunda/base/helmrelease.yaml index b2bc2f7..226668e 100644 --- a/infrastructure/camunda/base/helmrelease.yaml +++ b/infrastructure/camunda/base/helmrelease.yaml @@ -13,7 +13,7 @@ spec: chart: spec: chart: camunda-contour - version: "11.0.10" + version: "11.0.11" sourceRef: kind: HelmRepository name: yc-oci-charts