REFACTOR(apps): integrate ingress to helm-values
- code-server: move ingress to helm-values, rbac to manifests - headlamp: move ingress to helm-values, external-secret to manifests
This commit is contained in:
27
headlamp/manifests/external-secret.yaml
Normal file
27
headlamp/manifests/external-secret.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: headlamp-oidc
|
||||
namespace: headlamp
|
||||
spec:
|
||||
refreshInterval: 1h
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-backend
|
||||
target:
|
||||
name: headlamp-oidc
|
||||
creationPolicy: Owner
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
OIDC_CLIENT_ID: headlamp
|
||||
OIDC_CLIENT_SECRET: "{{ .clientSecret }}"
|
||||
OIDC_ISSUER_URL: https://auth0213.kro.kr
|
||||
OIDC_SCOPES: "openid profile email groups"
|
||||
OIDC_VALIDATOR_CLIENT_ID: headlamp
|
||||
OIDC_VALIDATOR_ISSUER_URL: https://auth0213.kro.kr
|
||||
data:
|
||||
- secretKey: clientSecret
|
||||
remoteRef:
|
||||
key: cluster-infrastructure/authelia
|
||||
property: HEADLAMP_CLIENT_SECRET
|
||||
Reference in New Issue
Block a user