Skip to content

Commit

Permalink
chore: Add annotations added in bank-vaults/vault-secrets-webhook#275
Browse files Browse the repository at this point in the history
  • Loading branch information
@dhumphries-sainsburys
dhumphries-sainsburys committed Jan 23, 2024
1 parent 43dec79 commit f67427d
Showing 1 changed file with 14 additions and 10 deletions.
24 changes: 14 additions & 10 deletions content/docs/mutating-webhook/vault-agent-templating.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,13 +61,17 @@ For the webhook to detect that it will need to mutate or change a PodSpec, add t

### PodSpec annotations {#podspec}

|Annotation |default |Explanation|
|--------------|------------|------------|
vault.security.banzaicloud.io/vault-addr|Same as VAULT_ADDR above||
vault.security.banzaicloud.io/vault-tls-secret|Same as VAULT_TLS_SECRET above||
vault.security.banzaicloud.io/vault-agent-configmap|""|A configmap name which holds the vault agent configuration|
vault.security.banzaicloud.io/vault-agent-once|false|do not run vault-agent in daemon mode, useful for kubernetes jobs|
vault.security.banzaicloud.io/vault-agent-share-process-namespace|Same as VAULT_AGENT_SHARE_PROCESS_NAMESPACE above|
vault.security.banzaicloud.io/vault-agent-cpu|"100m"|Specify the vault-agent container CPU resource limit|
vault.security.banzaicloud.io/vault-agent-memory|"128Mi"|Specify the vault-agent container memory resource limit|
vault.security.banzaicloud.io/vault-configfile-path|"/vault/secrets"|Mount path of Vault Agent rendered files|
| Annotation | default | Explanation |
|-------------------------------------------------------------------|---------------------------------------------------|-----------------------------------------------------------------------------------------|
| vault.security.banzaicloud.io/vault-addr | Same as VAULT_ADDR above | |
| vault.security.banzaicloud.io/vault-tls-secret | Same as VAULT_TLS_SECRET above | |
| vault.security.banzaicloud.io/vault-agent-configmap | "" | A configmap name which holds the vault agent configuration |
| vault.security.banzaicloud.io/vault-agent-once | false | do not run vault-agent in daemon mode, useful for kubernetes jobs |
| vault.security.banzaicloud.io/vault-agent-share-process-namespace | Same as VAULT_AGENT_SHARE_PROCESS_NAMESPACE above | |
| vault.security.banzaicloud.io/vault-agent-cpu | "100m" | Specify the vault-agent container CPU resource limit |
| vault.security.banzaicloud.io/vault-agent-memory | "128Mi" | Specify the vault-agent container memory resource limit |
| vault.security.banzaicloud.io/vault-agent-cpu-request | "100m" | Specify the vault-agent container CPU resource request |
| vault.security.banzaicloud.io/vault-agent-cpu-limit | "100m" | Specify the vault-agent container CPU resource limit (Overridden by vault-agent-cpu) |
| vault.security.banzaicloud.io/vault-agent-memory-request | "128Mi" | Specify the vault-agent container memory resource request |
| vault.security.banzaicloud.io/vault-agent-memory-limit | "128Mi" | Specify the vault-agent container memory resource limit (Overridden by vault-agent-cpu) |
| vault.security.banzaicloud.io/vault-configfile-path | "/vault/secrets" | Mount path of Vault Agent rendered files |

0 comments on commit f67427d

Please sign in to comment.