k8s-cluster

duynguyen/k8s-cluster

Fork 0

Commit Graph

Author	SHA1	Message	Date
duynguyen	9419f7d4a3	security: switch ESO→Vault auth from token to k8s SA Remove static Vault token from Git (was exposed in vault-token-secret.yaml). ESO now authenticates via Kubernetes service account JWT → short-lived tokens. Add sync-hook Job to configure Vault k8s auth idempotently on ArgoCD sync. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 13:08:21 +07:00
duynguyen	6e27e6ec5f	rename folder	2026-04-12 22:41:31 +07:00

Author

SHA1

Message

Date

duynguyen

9419f7d4a3

security: switch ESO→Vault auth from token to k8s SA

Remove static Vault token from Git (was exposed in vault-token-secret.yaml).
ESO now authenticates via Kubernetes service account JWT → short-lived tokens.
Add sync-hook Job to configure Vault k8s auth idempotently on ArgoCD sync.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-22 13:08:21 +07:00

duynguyen

6e27e6ec5f

rename folder

2026-04-12 22:41:31 +07:00

2 Commits