Added some sample yaml as a refresher

cg-vault-demo-yaml/DEMO.md

@@ -0,0 +1,6 @@
+YAML to test Secret sync in a simple sample project
+
+- create vso-demo namespace
+- deploy yaml
+- create revised version of secret in vault and note it is synchronised
+

cg-vault-demo-yaml/va.yaml

@@ -0,0 +1,12 @@
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultAuth
+metadata:
+  name: vault-auth
+  namespace: vso-demo
+spec:
+  vaultConnectionRef: vault
+  method: kubernetes
+  mount: kubernetes
+  kubernetes:
+    role: vso-demo
+    serviceAccount: demo-sync

cg-vault-demo-yaml/vc.yaml

@@ -0,0 +1,7 @@
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultConnection
+metadata:
+  name: vault
+  namespace: vso-demo
+spec:
+  address: http://vault.vault.svc:8200

cg-vault-demo-yaml/vso-demo-policy.hcl

@@ -0,0 +1,3 @@
+path "kv/data/vso-demo/myapp" {
+  capabilities = ["read"]
+}

cg-vault-demo-yaml/vss.yaml

@@ -0,0 +1,14 @@
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultStaticSecret
+metadata:
+  name: myapp-secret
+  namespace: vso-demo
+spec:
+  vaultAuthRef: vault-auth
+  mount: kv
+  type: kv-v2
+  path: vso-demo/myapp
+  destination:
+    name: myapp
+    create: true
+  refreshAfter: 30s