Open lisac opened 1 week ago
of all our environments, is dev
the only one where the path for the Vault secret(s) doesn't embed the environment name? (dev
uses default
in the path). if so: how complex would it be to modify the path for the dev
use case? If we could do that, we might be able to eliminated the secrets_env
key.
I think this is an example of a similar overload on the environment name: https://github.com/department-of-veterans-affairs/lighthouse-authorization-argocd-applications-vault/blob/375bb50c4d6d8738e897a0642474d3ace9b8d5ec/deploy/mock-mpi/templates/deployment-config-secrets.yaml#L14
In introducing the ArgoCD + Vault integration, we rolled out the configuration app-by-app. Let's now consider a system-wide view.
Questions to consider:
env
andsecrets_env
often (always?) are the same value; can we define the value once? Similarly forimage.tag
andimageTag
.Acceptance Criteria