From 266dce0b6c56746f074525fb13ba0d74f435bed6 Mon Sep 17 00:00:00 2001 From: "franz.germann" Date: Tue, 18 Mar 2025 10:18:29 +0100 Subject: [PATCH] adds argocd application for argocd-sso --- template/stacks/core/argocd-sso.yaml | 29 +++++++++++++++++++ .../stacks/core/argocd-sso/argocd-secret.yaml | 21 ++++++++++++++ .../core/argocd/argocd-sso/argocd-secret.yaml | 11 ------- .../keycloak/manifests/keycloak-config.yaml | 3 +- 4 files changed, 51 insertions(+), 13 deletions(-) create mode 100644 template/stacks/core/argocd-sso.yaml create mode 100644 template/stacks/core/argocd-sso/argocd-secret.yaml delete mode 100644 template/stacks/core/argocd/argocd-sso/argocd-secret.yaml diff --git a/template/stacks/core/argocd-sso.yaml b/template/stacks/core/argocd-sso.yaml new file mode 100644 index 0000000..e7e37d1 --- /dev/null +++ b/template/stacks/core/argocd-sso.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd-sso + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/core/argocd-sso" + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s \ No newline at end of file diff --git a/template/stacks/core/argocd-sso/argocd-secret.yaml b/template/stacks/core/argocd-sso/argocd-secret.yaml new file mode 100644 index 0000000..0ca7b1c --- /dev/null +++ b/template/stacks/core/argocd-sso/argocd-secret.yaml @@ -0,0 +1,21 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: auth-generic-oauth-secret + namespace: argocd +spec: + secretStoreRef: + name: keycloak + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: auth-generic-oauth-secret + template: + engineVersion: v2 + data: + client_secret: "{{.ARGOCD_CLIENT_SECRET}}" + data: + - secretKey: ARGOCD_CLIENT_SECRET + remoteRef: + key: keycloak-clients + property: ARGOCD_CLIENT_SECRET \ No newline at end of file diff --git a/template/stacks/core/argocd/argocd-sso/argocd-secret.yaml b/template/stacks/core/argocd/argocd-sso/argocd-secret.yaml deleted file mode 100644 index 438dd40..0000000 --- a/template/stacks/core/argocd/argocd-sso/argocd-secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - labels: - app.kubernetes.io/part-of: argocd - name: keycloak-oidc - namespace: argocd -type: Opaque -data: - clientSecret: RktYc3hFWXJabW5RbnlmdDdKbXpUUTF6OEZvalV1cnUK -immutable: false diff --git a/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml b/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml index a8e2995..fd6e12c 100644 --- a/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml +++ b/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml @@ -500,5 +500,4 @@ spec: ARGOCD_CLIENT_ID: argocd " > /tmp/secret.yaml - ./kubectl apply -f /tmp/secret.yaml - + ./kubectl apply -f /tmp/secret.yaml \ No newline at end of file