Question/Problem: Can I use AVP with multiple vault Instance Endpoints for different Openshift/K8s Clusters #688

Open
jauyzed opened this issue Jan 10, 2025 · 0 comments

jauyzed commented Jan 10, 2025

Is your feature request related to a problem? Please describe.
Hello, I'm facing an issue with multiple vault environments and multiple OpenShift clusters where I'm tasked to make certain clusters point to a non-prod vault instance and the rest of the clusters point to the prod vault instance. Environment separation, I suppose.
Currently we have few clusters and ArgoCD with AVP runs outside these "environment separated" cluster called ACM. AVP is configured to prod-vault environment.

I was able to configure a non-prod cluster to point to the non-prod Vault instance/env via vault-agent-injector, but when I sync an Argo app that needs to be deployed in this non-prod cluster, I get the sync error: Error making api request because AVP/argocd is configured to prod-vault environment, which makes sense.

My question is: can AVP be configured to talk to different vault environments (different vault endpoints etc.)?

Describe the solution you'd like
A solution where vault-agent-injector is already configured but GitOps can switch between vault environments based on Argo app configuration somewhere.

Describe alternatives you've considered

Additional context
I looked into this: https://argocd-vault-plugin.readthedocs.io/en/stable/config/#passing-avp-configuration-as-environment-variables-in-the-app-manifest but I can't be sure if it is the solution.
