From e7b8434ad60bb21c7e9c2f2a81c0fd279e736e89 Mon Sep 17 00:00:00 2001 From: Kochetkov S Date: Tue, 14 Apr 2026 14:26:53 +0300 Subject: [PATCH] add vault vs + gw + crt --- .../infrastructure/patches/istio-config.yaml | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml b/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml index 44d4ceb..e6f567b 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml @@ -73,6 +73,12 @@ spec: issuerRef: name: letsencrypt-issuer-istio kind: ClusterIssuer + vault-tls: + dnsNames: + - vault.contour.infra.sarex.tech + issuerRef: + name: letsencrypt-issuer-istio + kind: ClusterIssuer istio: gateways: minio: @@ -115,6 +121,14 @@ spec: - keycloak.contour.infra.sarex.tech tls: credentialName: keycloak-tls + vault: + name: vault-gateway + namespace: vault + servers: + - hosts: + - vault.contour.infra.sarex.tech + tls: + credentialName: vault-tls camunda: name: camunda-gateway namespace: gateway @@ -140,6 +154,18 @@ spec: tls: credentialName: camunda-optimize-tls virtualServices: + vault: + name: vault-virt-service + namespace: gateway + hosts: + - vault.contour.infra.sarex.tech + gateways: + - gateway/vault-gateway + routes: + - path: + prefix: / + service: vault-vault-contour.vault.svc.cluster.local + port: 8200 minio: name: minio-virt-service namespace: gateway