Use an External Vault

Note

We no longer recommend or support using an external vault with Pipelines.

If you want to use external Vault, set vault.enabled=false and create a values-external-vault.yaml with the following configuration.

vault:
  enabled: false

global:
  vault:
    ## Vault url examples
    # external one: https://vault.example.com
    # internal one running in the same Kubernetes cluster: http://vault-active:8200
    url: vault_url
    token: vault_token
    ## Set Vault token using existing secret
    # existingSecret: vault-secret

If you store an external Vault token in a pre-existing Kubernetes Secret, you can specify it via existingSecret.

Run the following command to create a secret containing the vault token.

kubectl create secret generic vault-secret --from-literal=token=${VAULT_TOKEN}
helm upgrade --install pipelines --namespace pipelines jfrog/pipelines -f values-external-vault.yaml