From 1b52f01d0ef8fb774db824b5e578aa4b13686be1 Mon Sep 17 00:00:00 2001 From: rconway Date: Mon, 8 Jan 2024 10:55:31 +0000 Subject: [PATCH] Commit triggered by a change on the main branch of helm-charts-dev --- charts/data-access/README.md | 2 +- charts/identity-gatekeeper/Chart.yaml | 2 +- .../identity-gatekeeper/templates/sealedsecret.yaml | 11 ----------- charts/identity-gatekeeper/templates/secret.yaml | 13 +++++++++++++ charts/identity-gatekeeper/values.yaml | 12 ++++++------ 5 files changed, 21 insertions(+), 19 deletions(-) delete mode 100644 charts/identity-gatekeeper/templates/sealedsecret.yaml create mode 100644 charts/identity-gatekeeper/templates/secret.yaml diff --git a/charts/data-access/README.md b/charts/data-access/README.md index 1dd10ab..c158c14 100644 --- a/charts/data-access/README.md +++ b/charts/data-access/README.md @@ -1,4 +1,4 @@ -# HELM Chart for Resource Guard +# HELM Chart for Data Access This README describes how to install the Data Access in your Kubernetes cluster using `Helm`. diff --git a/charts/identity-gatekeeper/Chart.yaml b/charts/identity-gatekeeper/Chart.yaml index 1403a79..643b446 100644 --- a/charts/identity-gatekeeper/Chart.yaml +++ b/charts/identity-gatekeeper/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.0 +version: 1.0.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/identity-gatekeeper/templates/sealedsecret.yaml b/charts/identity-gatekeeper/templates/sealedsecret.yaml deleted file mode 100644 index 7310093..0000000 --- a/charts/identity-gatekeeper/templates/sealedsecret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - name: {{ include "identity-gatekeeper.name" . }} - labels: - {{- include "identity-gatekeeper.labels" . | nindent 4 }} - namespace: {{ .Release.Namespace }} -spec: - encryptedData: - PROXY_CLIENT_SECRET: "{{ .Values.secrets.clientSecret }}" - PROXY_ENCRYPTION_KEY: "{{ .Values.secrets.encryptionKey }}" \ No newline at end of file diff --git a/charts/identity-gatekeeper/templates/secret.yaml b/charts/identity-gatekeeper/templates/secret.yaml new file mode 100644 index 0000000..b65ec9b --- /dev/null +++ b/charts/identity-gatekeeper/templates/secret.yaml @@ -0,0 +1,13 @@ +{{- if and (.Values.secrets.clientSecret) (.Values.secrets.encryptionKey) -}} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "identity-gatekeeper.name" . }} + labels: + {{- include "identity-gatekeeper.labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} +data: + PROXY_CLIENT_SECRET: "{{ .Values.secrets.clientSecret }}" + PROXY_ENCRYPTION_KEY: "{{ .Values.secrets.encryptionKey }}" +{{- end }} \ No newline at end of file diff --git a/charts/identity-gatekeeper/values.yaml b/charts/identity-gatekeeper/values.yaml index a257ef2..5098358 100644 --- a/charts/identity-gatekeeper/values.yaml +++ b/charts/identity-gatekeeper/values.yaml @@ -85,14 +85,14 @@ ingress: annotations: cert-manager.io/cluster-issuer: letsencrypt hosts: - - host: identity.gatekeeper.develop.eoepca.org + - host: identity.gatekeeper.myplatform.eoepca.org paths: - path: / pathType: Prefix tls: - secretName: identity-gatekeeper-tls-certificate hosts: - - identity.gatekeeper.develop.eoepca.org + - identity.gatekeeper.myplatform.eoepca.org autoscaling: enabled: false minReplicas: 1 @@ -112,12 +112,12 @@ metrics: interval: config: client-id: dummy-service - discovery-url: https://identity.keycloak.develop.eoepca.org/realms/master + discovery-url: https://identity.keycloak.myplatform.eoepca.org/realms/master no-redirects: true no-proxy: true enable-uma: true #enable-default-deny: true - cookie-domain: develop.eoepca.org + cookie-domain: myplatform.eoepca.org cookie-access-name: auth_user_id cookie-refresh-name: auth_refresh_token #secure-cookie: true @@ -130,5 +130,5 @@ config: listen: :3000 listen-admin: :4000 secrets: - clientSecret: AgAPJeLi8svAkTu0q3gu+bfeovANZqbqWsn66dy3FWLOIYIvca2uy+3E/cXLc3iVjlH5maF6NEobB7URLgR7doNHnjs9s6uzHYxxUzp41dx3F7u13KJEdeHk12R+mr0xFsv+viACwki+XL1RzJtWOTv1VTJV0QHf0jqylgvjGnxvH45yk9AqWxBZPQzIjI2/y6HtmTbJAVFqnUz/3cznPQAibX3f0Re4iSjWDiv5QpfTguGRyg1caP3ngby3L8HINPjMpuGXWDxWzji3ciRxoL0/C3Y6mK1JhR80pQxP4G3entonClU0KdcHEjlsDkHtoqqpoTmTkl1gjwurUeZ5+3W2/GXuI0df+jyLG4SE9rXa0PWexgo3AiiBnAjAkFW/g4/ITWkWmkvEH5Iwv13eLWYMxZxm5zm47GXPeJEllgRLzrPCkd16h+fQ0SLQmh/dNFyTGZcknpZFpe+Tcoxa71rzHtYSZN35XLqFfS77m/O/UE0eIdjbtt70sNgEQIK/brBCmcSElfZ5aiKgbFU2yhabLVYZ93PXM2pPJns3IjSmRiJXS639kEJ8BywU5GVPoATG5hgpew3OpYEaO3gg1LD9kkH8caj+9palaBUhBQ8UJgRbeO3k5Fi/BTueoDk1XY7tVV7CuxZPMfJNcJsQxIRnxxMONNfLFWI0LPvMI/kkOkfZtyJsho8sFiHGOnJS+yMocK9OJAoepJ/fagUHdL/T71lSIEcfx+q4K7Uc3UNwQQ== - encryptionKey: AgBMu2WaXmyhciLf45Q+1kc6AyS3HSZyshDyzMlJVMMZw9lwAP9rUxmVKnVLKsAN8Kyyh6veVhBH7k3kzP1xeCrGN3ck30ZnmCgCTlH8QnEsg1SLaTfoln4MLZBPyi30oMcJuF8V2aWphv42dChopKoYCaOMW+11YG7/CTKsNbAugg4bS3CAG8cTzcLO8oyzXPsT8KMH+Jvj4U6ASpLsUG8S6tazBAqGLgiOeanLUcxNynsVr0XjwV6/lqJacX8Er8eDK8jiP/EiwZ7SmazPQ0FsUxCeQ5ogR3Pmz3d2KHgBoAKD05ohHhUa79gdIc6toF2gv0KvE2529zmBZIuoABqXjXio/V4ySMZE4lYGVMUcW9kwpskUhCkGbMusdD2B+EL+0cHaVSM6b70eUv1mLoySe4wYj7WX4EvxWVa4dk2JHOyzTnJh7x2jpLUsVszZbVL7J2lm4Ne7CdAxeTLAa/mqB5kqdTL0MoORLPgZmNGWtFrxLbSCe/TobYvJpUqit4t++AErxKvKzuXBB81nrO5sL5ZwCxdKHAVksbsveGfjesgBqJs50a8pfzcZJCg/sK/OWm2TQU0YyCJ+lZMp7pcrZ//CPJCc5yu96L1GiW+LZya3xE+G6Vq90glbMO7ss+FbI6sDbA0xYw/VS3kMqZnkPUmGlKCN61ECEhenKCNQItYAEkFlo+Z4vp11V71nS+EO30rUiMH9O5yFwxEyFPKpLDjryuwsaYReNFlcZyz+9g== \ No newline at end of file + clientSecret: "" + encryptionKey: "" \ No newline at end of file