Vault stack can't be applied in CI (git-crypt TLS certs + sensitive for_each on k8s_users). Pipeline now automates Vault KV update + Authentik group creation, then notifies admin to apply stacks manually. This matches the existing pattern — vault is not in default.yml either. |
||
|---|---|---|
| .. | ||
| build-cli.yml | ||
| default.yml | ||
| k8s-portal.yml | ||
| provision-user.yml | ||
| renew-tls.yml | ||