Switch Vault to Jsonnett definition

As a precursor to: * Enabling Plugins * So that I can get GitHub credentials from Vault via [this plugin](https://github.com/martinbaillie/vault-plugin-secrets-github) * So that I can use [this history-syncing plugin](https://gitea.scubbo.org/scubbo/commit-report-sync) without needing to refresh tokens, including in _this_ repo. * At which point I want to [use LetsEncrypt to provide certs for Traefik Ingresses](https://adamtheautomator.com/letsencrypt-with-k3s-kubernetes/#Ensuring_Seamless_Certificate_Renewals_with_a_ClusterIssuer) * So that I can use Keycloak, which [demands an http scheme](https://github.com/keycloak/keycloak/issues/30977#issuecomment-2208679081). What a deep rabbit-hole I am in! :)
2025-03-14 20:46:59 -07:00 · 2025-03-14 20:46:59 -07:00 · d8cad832ba
commit d8cad832ba
parent fb7e8cd98e
2 changed files with 37 additions and 44 deletions
--- a/app-of-apps/apps.yaml
+++ b/app-of-apps/apps.yaml
@ -320,47 +320,3 @@ spec:
      prune: true
    syncOptions:
    - CreateNamespace=true
 ---
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: vault
  namespace: argo
  finalizers:
  - resources-finalizer.argocd.argoproj.io
 spec:
  project: default
  source:
    chart: vault
    repoURL: https://helm.releases.hashicorp.com
    targetRevision: 0.25.0
    helm:
      values: |
        global:
          namespace: "vault"
        ui:
          enabled: true
        serverTelemetry:
          serviceMonitor:
            enabled: true
        server:
          ingress:
            enabled: true
            ingressClassName: traefik
            hosts:
              - host: vault.avril
                paths: []
          dataStorage:
            size: 20Gi
            storageClass: freenas-iscsi-csi
  destination:
    server: "https://kubernetes.default.svc"
    namespace: vault
  syncPolicy:
    automated:
      prune: true
    syncOptions:
    - CreateNamespace=true
--- a/app-of-apps/vault.jsonnet
+++ b/app-of-apps/vault.jsonnet
@ -0,0 +1,37 @@
 local appDef = import './app-definitions.libsonnet';
 appDef.helmApplication(
    name="vault",
    sourceRepoUrl="https://helm.releases.hashicorp.com",
    sourceChart="vault",
    sourceTargetRevision="0.25.0",
    helmValues={
        global: {
            namespace: "vault"
        },
        ui: {
            enabled: true
        },
        serverTelemetry: {
            serviceMonitor: {
                enabled: true
            }
        },
        server: {
            ingress: {
                enabled: true,
                ingressClassName: "traefik",
                hosts: [
                    {
                        host: "vault.avril",
                        paths: []
                    }
                ]
            },
            dataStorage: {
                size: "20Gi",
                storageClass: "freenas-iscsi-csi"
            }
        }
    }
 )