From 5165583b9a7fd75d923fb7c2f411007b77751fc8 Mon Sep 17 00:00:00 2001
From: "franz.germann"
Date: Wed, 16 Apr 2025 14:53:10 +0200
Subject: [PATCH] testing
---
 .../core/argocd-sso/argocd-sso-config.yaml | 27 ++++++++++---------
 .../core/forgejo-sso/forgejo-sso-config.yaml | 6 ++---
 2 files changed, 17 insertions(+), 16 deletions(-)
diff --git a/template/stacks/core/argocd-sso/argocd-sso-config.yaml b/template/stacks/core/argocd-sso/argocd-sso-config.yaml
index 7553279..8461b3c 100644
--- a/template/stacks/core/argocd-sso/argocd-sso-config.yaml
+++ b/template/stacks/core/argocd-sso/argocd-sso-config.yaml
@@ -16,21 +16,22 @@ spec:
 containers:
 - name: push
 image: docker.io/library/ubuntu:22.04
- envFrom:
- - secretRef:
- name: auth-generic-oauth-secret # thats the external secret the job should wait for
- - secretRef:
- name: k8s-job-token # edpbuilder should create this automatically and feed it to this job
+ env:
+ - name: ARGOCD_CLIENT_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: auth-generic-oauth-secret
+ key: client_secret
+ # envFrom:
+ # - secretRef:
+ # name: auth-generic-oauth-secret # thats the external secret the job should wait for
+ # - secretRef:
+ # name: k8s-job-token # edpbuilder should create this automatically and feed it to this job
 command: ["/bin/bash", "-c"]
 args:
 - |
 #! /bin/bash
- if [[ "$client_secret" == "" ]];
- then
- exit 1
- fi
-
 apt -qq update
 apt -qq install git wget -y
 if [[ "$(uname -m)" == "x86_64" ]]; then
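Review bot: Nothing checks `ARGOCD_CLIENT_SECRET` now that the `if [[ "$client_secret" == "" ]]` guard is deleted, so an empty secret value no longer fails the job; the non-optional `secretKeyRef` only holds the container back while the Secret or its `client_secret` key is missing. Add `[[ -n "${ARGOCD_CLIENT_SECRET}" ]] || exit 1` after the shebang, or drop the variable if the script never reads it (the script continues outside this hunk, so that cannot be confirmed here). Narrowing `envFrom` to a single key reduces what the container can read, but the commented-out `envFrom` block should be deleted rather than kept. If any later step relied on a variable from `k8s-job-token`, it now runs without it.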
@@ -45,14 +46,14 @@ spec:
 DOMAIN=192-168-197-2.c-one-infra.de
 GIT_USERNAME=giteaAdmin
- GIT_PASSWORD=2e53bfe27b64a5aa4e8bc591e15b33cc92ff95fa
+ GIT_PASSWORD=a618f97ca89714d894d5bfc7ac47d0b76a7ec35a
 git config --global user.email "bot@bots.de"
 git config --global user.name "bot"
- git clone https://${GIT_USERNAME}:${GIT_PASSWORD}@gitea-${DOMAIN}/giteaAdmin/edfbuilder.git
+ git clone https://${GIT_USERNAME}:${GIT_PASSWORD}@{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder.git
 cd edfbuilder
- yq eval '.configs.cm."oidc.config" = "name: Keycloak\nissuer: https://192-168-197-2.c-one-infra.de/keycloak/realms/cnoe\nclientID: argocd\nclientSecret: $auth-generic-oauth-secret:client_secret\nrequestedScopes: [\"openid\", \"profile\", \"email\", \"groups\"]"' -i stacks/core/argocd/values.yaml
+ yq eval '.configs.cm."oidc.config" = "name: Keycloak\nissuer: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe\nclientID: argocd\nclientSecret: $auth-generic-oauth-secret:client_secret\nrequestedScopes: [\"openid\", \"profile\", \"email\", \"groups\"]"' -i stacks/core/argocd/values.yaml
 git add stacks/core/argocd/values.yaml
 git commit -m "adds Forgejo SSO config"
diff --git a/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml b/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml
index 228ee6f..cffcefa 100644
--- a/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml
+++ b/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml
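Review bot: `GIT_PASSWORD` is still a literal credential in the manifest: the added `GIT_PASSWORD=…` line in argocd-sso-config.yaml and the identical one in the forgejo-sso-config.yaml hunk only swap one hard-coded value for another, so both the old and the new value are in repository history and should be treated as exposed and rotated. Inject it with an `env` entry using `valueFrom.secretKeyRef`, as the first hunk does for `ARGOCD_CLIENT_SECRET`, and delete the assignment from the script; `name: <gitea-credentials-secret>` and `key: <password-key>` are placeholders for whichever Secret holds the giteaAdmin credential. Embedding `${GIT_USERNAME}:${GIT_PASSWORD}` in the clone URL also writes the credential into the clone's `.git/config` and can surface it in error output; a credential helper or `GIT_ASKPASS` avoids that. The `DOMAIN=192-168-197-2.c-one-infra.de` context line stays hard-coded while the changed lines move to `{{{ .Env.DOMAIN }}}`, which looks like an oversight.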
@@ -45,19 +45,19 @@ spec: DOMAIN=192-168-197-2.c-one-infra.de GIT_USERNAME=giteaAdmin - GIT_PASSWORD=2e53bfe27b64a5aa4e8bc591e15b33cc92ff95fa + GIT_PASSWORD=a618f97ca89714d894d5bfc7ac47d0b76a7ec35a git config --global user.email "bot@bots.de" git config --global user.name "giteaAdmin" - git clone https://${GIT_USERNAME}:${GIT_PASSWORD}@gitea-${DOMAIN}/giteaAdmin/edfbuilder.git + git clone https://${GIT_USERNAME}:${GIT_PASSWORD}@{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder.git cd edfbuilder yq eval ".gitea.oauth = [ { \"name\": \"Keycloak\", \"provider\": \"openidConnect\", \"existingSecret\": \"auth-generic-oauth-secret\", - \"autoDiscoverUrl\": \"https://${DOMAIN}/keycloak/realms/cnoe/.well-known/openid-configuration\" + \"autoDiscoverUrl\": \"https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/.well-known/openid-configuration\" } ] | (.gitea.oauth[] | .name) |= (. style=\"single\")