Switch Vault to Jsonnett definition

As a precursor to: * Enabling Plugins * So that I can get GitHub credentials from Vault via [this plugin](https://github.com/martinbaillie/vault-plugin-secrets-github) * So that I can use [this history-syncing plugin](https://gitea.scubbo.org/scubbo/commit-report-sync) without needing to refresh tokens, including in _this_ repo. * At which point I want to [use LetsEncrypt to provide certs for Traefik Ingresses](https://adamtheautomator.com/letsencrypt-with-k3s-kubernetes/#Ensuring_Seamless_Certificate_Renewals_with_a_ClusterIssuer) * So that I can use Keycloak, which [demands an http scheme](https://github.com/keycloak/keycloak/issues/30977#issuecomment-2208679081). What a deep rabbit-hole I am in! :)
2025-03-14 20:46:59 -07:00 · 2025-03-14 20:46:59 -07:00 · d8cad832ba
commit d8cad832ba
parent fb7e8cd98e
2 changed files with 37 additions and 44 deletions
--- a/app-of-apps/apps.yaml
+++ b/app-of-apps/apps.yaml
@ -320,47 +320,3 @@ spec:
      prune: true
    syncOptions:
    - CreateNamespace=true
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: vault
-  namespace: argo
-  finalizers:
-  - resources-finalizer.argocd.argoproj.io
-spec:
-  project: default
-
-  source:
-    chart: vault
-    repoURL: https://helm.releases.hashicorp.com
-    targetRevision: 0.25.0
-    helm:
-      values: |
-        global:
-          namespace: "vault"
-        ui:
-          enabled: true
-        serverTelemetry:
-          serviceMonitor:
-            enabled: true
-        server:
-          ingress:
-            enabled: true
-            ingressClassName: traefik
-            hosts:
-              - host: vault.avril
-                paths: []
-          dataStorage:
-            size: 20Gi
-            storageClass: freenas-iscsi-csi
-
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: vault
-
-  syncPolicy:
-    automated:
-      prune: true
-    syncOptions:
-    - CreateNamespace=true
--- a/app-of-apps/vault.jsonnet
+++ b/app-of-apps/vault.jsonnet
@ -0,0 +1,37 @@
+local appDef = import './app-definitions.libsonnet';
+
+appDef.helmApplication(
+    name="vault",
+    sourceRepoUrl="https://helm.releases.hashicorp.com",
+    sourceChart="vault",
+    sourceTargetRevision="0.25.0",
+    helmValues={
+        global: {
+            namespace: "vault"
+        },
+        ui: {
+            enabled: true
+        },
+        serverTelemetry: {
+            serviceMonitor: {
+                enabled: true
+            }
+        },
+        server: {
+            ingress: {
+                enabled: true,
+                ingressClassName: "traefik",
+                hosts: [
+                    {
+                        host: "vault.avril",
+                        paths: []
+                    }
+                ]
+            },
+            dataStorage: {
+                size: "20Gi",
+                storageClass: "freenas-iscsi-csi"
+            }
+        }
+    }
+)