adds external secret for forgejo client

2025-03-04 12:41:32 +01:00 · 2025-03-04 12:41:32 +01:00 · 6b18ed0443
commit 6b18ed0443
parent d0fb858a81
3 changed files with 22 additions and 10 deletions
--- a/template/stacks/core/forgejo/forgejo-sso/secret-forgejo.yaml
+++ b/template/stacks/core/forgejo/forgejo-sso/secret-forgejo.yaml
@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: auth-generic-oauth-secret
+  namespace: gitea 
+spec:
+  secretStoreRef:
+    name: keycloak
+    kind: ClusterSecretStore
+  refreshInterval: "0"
+  target:
+    name: auth-generic-oauth-secret
+    template:
+      engineVersion: v2
+      data:
+        client_secret: "{{.FORGEJO_CLIENT_SECRET}}"
+  data:
+    - secretKey: FORGEJO_CLIENT_SECRET
+      remoteRef:
+        key: keycloak-clients
+        property: FORGEJO_CLIENT_SECRET
--- a/template/stacks/core/forgejo/secret.yaml
+++ b/template/stacks/core/forgejo/secret.yaml
@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: forgejo-oidc
-  namespace: gitea
-type: Opaque
-stringData:
-  key: forgejo
-  secret: uWEGALJKmNyUojJaK5LAK0w4OCEEDpDu
--- a/template/stacks/core/forgejo/values.yaml
+++ b/template/stacks/core/forgejo/values.yaml
@ -31,7 +31,7 @@ gitea:
      ENABLE_AUTO_REGISTRATION: true
      ACCOUNT_LINKING: auto      
 #  oauth:
-#   - name: 'Keycloak'
+#    - name: 'Keycloak'
 #      provider: 'openidConnect'
 #      # key: 'forgejo'
 #      # secret: 'uWEGALJKmNyUojJaK5LAK0w4OCEEDpDu'