Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Support Vault server running with TLS (#874)
* Change vault cluster in acceptance tests to only run with TLS. All tests will run against vault with TLS because that is the use case we think will be the most valuable for users to test * Support adding Vault CA as a secret to pods that will be using vault agent. We need to add two annotations to pods: * vault.hashicorp.com/agent-extra-secret with the value of the vault CA secret name. The secret will be mounted to vault agent at /vault/custom path. See docs here * vault.hashicorp.com/ca-cert - with the path of the ca file inside the vault agent container. This should be /vault/custom/<secret key> * Most pods will only need those annotations. The server pods also need the Vault CA secret to be mounted as a volume because it needs the CA to be on the file system for the vault connect CA provider.
- Loading branch information