Commit 1e47b017 authored by Clement Bois's avatar Clement Bois
Browse files

feat(vault)!: enable certificate verification 

BREAKING CHANGE: self-signed certificates must be declared in your GitLab DEFAULT_CA_CERTS or with VAULT_CA_CERTS variable
parent 2cdce85d

templates/gitlab-ci-ansible-vault.yml

+6 −2
Original line number Diff line number Diff line
@@ -28,6 +28,10 @@ variables: 
      alias: "vault-secrets-provider"

      variables:

        VAULT_JWT_TOKEN: "$VAULT_JWT_TOKEN"

        VAULT_CA_CERTS: |

          $DEFAULT_CA_CERTS

          $CUSTOM_CA_CERTS

        SKIP_SSL: "false"

  id_tokens:

    VAULT_JWT_TOKEN:

      aud: "$VAULT_OIDC_AUD"