simonkaiser
/
k8s-kaisers-info
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Attività
Sfoglia il codice sorgente

Secret for Argo

Simon Kaiser 3 anni fa
parent
bfdadc1869
commit
dfd7e50b21
2 ha cambiato i file con 37 aggiunte e 1 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 15
    1
      gitops-kaisers-info/templates/argo-cd.yaml
  2. 22
    0
      gitops-kaisers-info/templates/argocd-secret-sealed.yaml

+ 15
- 1
gitops-kaisers-info/templates/argo-cd.yaml Vedi File 

@@ -38,4 +38,18 @@ spec:
38 38 
                 - "argo-cd.kaisers.info"
39 39
40 40 
           extraArgs:
41 
-            - --insecure
41 
+            - --insecure
42 
+
43 
+          config:
44 
+            oidc.config: |
45 
+              name: Authentik
46 
+              issuer: https://authentik.kaisers.info/TENANT_ID/v2.0
47 
+              clientID: $oidc.auth0.clientID
48 
+              clientSecret: $oidc.auth0.clientSecret
49 
+          #    requestedIDTokenClaims:
50 
+          #      groups:
51 
+          #        essential: true
52 
+          #   requestedScopes:
53 
+          #     - openid
54 
+          #     - profile
55 
+          #     - email

+ 22
- 0
gitops-kaisers-info/templates/argocd-secret-sealed.yaml Vedi File 

@@ -0,0 +1,22 @@
1 
+apiVersion: bitnami.com/v1alpha1
2 
+kind: SealedSecret
3 
+metadata:
4 
+  annotations:
5 
+    argocd.argoproj.io/sync-wave: "-1"
6 
+  name: argocd-secret
7 
+  namespace: argocd
8 
+  labels:
9 
+    app.kubernetes.io/name: argocd-secret
10 
+    app.kubernetes.io/part-of: argocd
11 
+spec:
12 
+  encryptedData:
13 
+    oidc.auth0.clientID: AgBT4gvpzid8nuM82FkXV81d9+kgopIQ7lLU2rcNK/wxLXNYLEX7wkLGEmigaKf8oxTWZIYmrbivRh58wtwrUDbbjl6Fc52sXPsAMfAgBCbx2skKZ/4ZUApAKwIwtQ15SyGnGOwSiZMLhIMiF/N2zwxKVn59u/8/wFIohIIOOB6xAkpaQOfx3hwsMXh8yPRfqNHFi+eSy/Rd9ta/dG1OI8+UtgG83I5JcEQ26MIsyOLjOoCI0tmPxAcRMp6EqUusLRDaTUGiXx0a+7LII20lFBMyw4FHwraIQrcjKjI/BSG4GLTHGO5KzKG3L2S37xnU+TW4/QSdI5hCsBlbMYV3u6CXwiTwqLIitU9/TXhuS1TBexXcoe3coPaBs27ccizRv0KkHxukgxjR1yqbjRPIWtREY8a4GN5uIJcrJNz3/Fj1uYWY9+gSoyDf0As+ok0J21poMZF8UhKUq5FzkNG4TppzHCNlG6hcRDhuQXW24OJCNvsCtpEbzsM9Ux86Q93+jo9hdeJLcqJd+2kzFjOKzONMLkavRxs0VX6DC+7bJ5VTKudiu0bAxMBr8VvJMPWqgzXNwrmheh1tY9ND6LEA4drjS0+TPdNlTLyCTJLTXFUaEEHoCyCP2lXUOl2GE1mJMm1FsmHxCjLYvAsr4eqZkPbn2dXvTmbr8eejSuTRtWkU6x40feqz0sQXNuppe+4GaoOvYFMpPfBtnR3YEKurFE85MiQq5PjukqeOhfPiooM1PQx0
14 
+    oidc.auth0.clientSecret: AgCaxm4Qy8T/6+Sfx13J/XfLVz0ZTKAg0Giio6z+QB96XG61jWQF4nBlygI9Nqwf1ibW2QPsw79h8bZ8xBuDw/tNnwaVsf4zz5qRFgA5nwSNRr9sqJzfrnAA0hXELgWrm0391xgiQgct//Za8W8WjF0/Eni00FzTI5/nWhqsO1RDH2Op+FvpqvtQV089hwU4Xq51bDcOJTyruM8KbCJRrRuA5mz90Ww9v7zCUkVpIUfEqsTbrnHm4BLeKgKOXtmvhObDqqrSrbicJUqW29Sg9OGyBtiSVbw+N10tkaWh2WLP9MfJSV4XKq6g+Eh12OqREkBr2Gc+78+lg2uHmuvTewdjj/eErZ2HUkHaUFXoHaAIM6BWc/+elJxOa4mVvhVnPY2cJXg8qOCb/wEwnQg4gSfNwObnFFrja8+3u4Vycq7x13txMPdpaoAafLPkjsIkka9XwrbyqeQZT/jInP3F2U0jtfV+R5ifBWoP+WkdesAby03YjchvVMZ/3ix3BclTo7kwaVMEEQlXBLgTphn3EIvqMc0hNuj/iRa3gED8emO7DBlm/XbseEUJO52wVtov0YLkuN/glGiDaCsGyVigqv1SYZEAeKMUmAiWf5RgvTheTqkKxCVdHdb9HAnz6phO0JhdFvFrDKh/aA1HW6uT6b+LT8rVrQEh+fe+Oz4ge615Iz6h/PnFEr5TP6bQ1DEEzTmtmgoem5OnUje779OCUD2E1pksm6DLkT3xWJYCkCU4+ELH
15 
+  template:
16 
+    data: null
17 
+    metadata:
18 
+      creationTimestamp: null
19 
+      name: argocd-secret
20 
+      namespace: argocd
21 
+    type: Opaque
22 
+