PrivateNetwork: Setup secrets ACL for both of the tailscale clients.
Change-Id: I671b66ba06712b6842aa47cb2607b2a46ce0e0d4
diff --git a/core/installer/values-tmpl/private-network.cue b/core/installer/values-tmpl/private-network.cue
index 653da67..c22e5fc 100644
--- a/core/installer/values-tmpl/private-network.cue
+++ b/core/installer/values-tmpl/private-network.cue
@@ -38,6 +38,12 @@
}
charts: {
+ "access-secrets": {
+ kind: "GitRepository"
+ address: "https://code.v1.dodo.cloud/helm-charts"
+ branch: "main"
+ path: "charts/access-secrets"
+ }
"ingress-nginx": {
kind: "GitRepository"
address: "https://code.v1.dodo.cloud/helm-charts"
@@ -61,6 +67,18 @@
_ingressPrivate: "\(global.id)-ingress-private"
helm: {
+ "access-secrets": {
+ chart: charts["access-secrets"]
+ values: {
+ serviceAccountName: "default"
+ }
+ }
+ "access-secrets-nginx": {
+ chart: charts["access-secrets"]
+ values: {
+ serviceAccountName: "\(global.id)-nginx-private"
+ }
+ }
"ingress-nginx": {
chart: charts["ingress-nginx"]
values: {