viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/vault
History
Viktor Barzin ccbcebb670 feat(vault): automate SOPS onboarding for namespace-owners 
- Add Transit mount + per-stack Transit keys to vault stack TF
- Auto-create sops-user-<name> policy scoping decrypt to owned stacks
- Auto-create sops-<name> external group + alias for Authentik mapping
- Add sops-admin policy to authentik-admins group
- Attach sops-user policy to namespace-owner identity entities
- Update add-user skill with SOPS onboarding steps and Authentik group
- Adding a user to k8s_users + applying vault stack = full SOPS access

[ci skip]
2026-03-17 23:15:25 +00:00
..
backend.tf regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
main.tf feat(vault): automate SOPS onboarding for namespace-owners 2026-03-17 23:15:25 +00:00
providers.tf regenerate providers.tf: remove vault_root_token variable [ci skip] 2026-03-15 21:21:01 +00:00
terragrunt.hcl Add Vault OIDC authentication via Authentik 2026-03-14 13:53:05 +00:00
tiers.tf Add Vault OIDC authentication via Authentik 2026-03-14 13:53:05 +00:00