HomeInfra/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Configure Weave GitOps to use Doppler-managed admin credentials
All checks were successful
Deploy Cluster / Terraform (push) Successful in 39s
Details
Deploy Cluster / Ansible (push) Successful in 4m41s
Details

Browse Source 
Changes:
- Enable adminUser creation but disable Helm-managed secret
- Use ExternalSecret (cluster-user-auth) from Doppler instead
- Doppler secrets: WEAVE_GITOPS_ADMIN_USERNAME and WEAVE_GITOPS_ADMIN_PASSWORD_BCRYPT_HASH
- Added cluster-user-auth to viewSecretsResourceNames for RBAC

Login credentials are now managed via Doppler and External Secrets Operator.
This commit is contained in:
MichaelFisher1997
2026-03-24 01:01:30 +00:00
parent 0e52d8f159
commit 45c899d2bd
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
infrastructure/addons/flux-ui/helmrelease-weave-gitops.yaml
View File

@@ -27,9 +27,12 @@ spec:
adminUser: adminUser:
create: true create: true
createClusterRole: true createClusterRole: true
createSecret: false createSecret: false # Secret is managed by External Secret from Doppler
username: admin username: admin
rbac: rbac:
create: true create: true
impersonationResourceNames: impersonationResourceNames:
- admin - admin
viewSecretsResourceNames:
- cluster-user-auth
- oidc-auth