adds external secret for forgejo client

template/stacks/core/forgejo/forgejo-sso/secret-forgejo.yaml

@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: auth-generic-oauth-secret
+  namespace: gitea 
+spec:
+  secretStoreRef:
+    name: keycloak
+    kind: ClusterSecretStore
+  refreshInterval: "0"
+  target:
+    name: auth-generic-oauth-secret
+    template:
+      engineVersion: v2
+      data:
+        client_secret: "{{.FORGEJO_CLIENT_SECRET}}"
+  data:
+    - secretKey: FORGEJO_CLIENT_SECRET
+      remoteRef:
+        key: keycloak-clients
+        property: FORGEJO_CLIENT_SECRET

template/stacks/core/forgejo/secret.yaml

@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: forgejo-oidc
-  namespace: gitea
-type: Opaque
-stringData:
-  key: forgejo
-  secret: uWEGALJKmNyUojJaK5LAK0w4OCEEDpDu