Removed merge artifacts
This commit is contained in:
parent
fbfc42cf47
commit
cd4abc47b9
7 changed files with 0 additions and 261 deletions
|
|
@ -1,29 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: forgejo-access-token
|
||||
namespace: argocd
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: gitea
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: forgejo-access-token
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
forgejo_username: "{{.FORGEJO_ACCESS_USERNAME}}"
|
||||
forgejo_token: "{{.FORGEJO_ACCESS_TOKEN}}"
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/part-of: argocd
|
||||
data:
|
||||
- secretKey: FORGEJO_ACCESS_USERNAME
|
||||
remoteRef:
|
||||
key: forgejo-access-token
|
||||
property: username
|
||||
- secretKey: FORGEJO_ACCESS_TOKEN
|
||||
remoteRef:
|
||||
key: forgejo-access-token
|
||||
property: token
|
||||
|
|
@ -1,24 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: auth-generic-oauth-secret
|
||||
namespace: argocd
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: keycloak
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: auth-generic-oauth-secret
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
client_secret: "{{.ARGOCD_CLIENT_SECRET}}"
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/part-of: argocd
|
||||
data:
|
||||
- secretKey: ARGOCD_CLIENT_SECRET
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: ARGOCD_CLIENT_SECRET
|
||||
|
|
@ -1,54 +0,0 @@
|
|||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: argocd-config
|
||||
namespace: argocd
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
generateName: argocd-config-
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: push
|
||||
image: docker.io/library/ubuntu:22.04
|
||||
env:
|
||||
- name: FORGEJO_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: forgejo-access-token
|
||||
key: forgejo_username
|
||||
- name: FORGEJO_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: forgejo-access-token
|
||||
key: forgejo_token
|
||||
command: ["/bin/bash", "-c"]
|
||||
args:
|
||||
- |
|
||||
#! /bin/bash
|
||||
|
||||
apt -qq update
|
||||
apt -qq install git wget -y
|
||||
if [[ "$(uname -m)" == "x86_64" ]]; then
|
||||
wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64
|
||||
install yq_linux_amd64 /usr/local/bin/yq
|
||||
rm yq_linux_amd64
|
||||
else
|
||||
wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_arm64
|
||||
install yq_linux_arm64 /usr/local/bin/yq
|
||||
rm yq_linux_arm64
|
||||
fi
|
||||
|
||||
git config --global user.email "bot@bots.de"
|
||||
git config --global user.name "bot"
|
||||
|
||||
git clone https://${FORGEJO_USER}:${FORGEJO_TOKEN}@{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder.git
|
||||
cd edfbuilder
|
||||
yq eval '.configs.cm."oidc.config" = "name: Keycloak\nissuer: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe\nclientID: argocd\nclientSecret: $auth-generic-oauth-secret:client_secret\nrequestedScopes: [\"openid\", \"profile\", \"email\", \"groups\"]"' -i stacks/core/argocd/values.yaml
|
||||
|
||||
git add stacks/core/argocd/values.yaml
|
||||
git commit -m "adds Forgejo SSO config"
|
||||
git push
|
||||
backoffLimit: 99
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: forgejo-access-token
|
||||
namespace: gitea
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: gitea
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: forgejo-access-token
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
forgejo_username: "{{.FORGEJO_ACCESS_USERNAME}}"
|
||||
forgejo_token: "{{.FORGEJO_ACCESS_TOKEN}}"
|
||||
data:
|
||||
- secretKey: FORGEJO_ACCESS_USERNAME
|
||||
remoteRef:
|
||||
key: forgejo-access-token
|
||||
property: username
|
||||
- secretKey: FORGEJO_ACCESS_TOKEN
|
||||
remoteRef:
|
||||
key: forgejo-access-token
|
||||
property: token
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: auth-generic-oauth-secret
|
||||
namespace: gitea
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: keycloak
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: auth-generic-oauth-secret
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
key: "{{.FORGEJO_CLIENT_ID}}"
|
||||
secret: "{{.FORGEJO_CLIENT_SECRET}}"
|
||||
data:
|
||||
- secretKey: FORGEJO_CLIENT_ID
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: FORGEJO_CLIENT_ID
|
||||
- secretKey: FORGEJO_CLIENT_SECRET
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: FORGEJO_CLIENT_SECRET
|
||||
|
|
@ -1,76 +0,0 @@
|
|||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: forgejo-config
|
||||
namespace: gitea
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
generateName: forgejo-config-
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: push
|
||||
image: docker.io/library/ubuntu:22.04
|
||||
env:
|
||||
- name: FORGEJO_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: forgejo-access-token
|
||||
key: forgejo_username
|
||||
- name: FORGEJO_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: forgejo-access-token
|
||||
key: forgejo_token
|
||||
command: ["/bin/bash", "-c"]
|
||||
args:
|
||||
- |
|
||||
#! /bin/bash
|
||||
|
||||
apt -qq update
|
||||
apt -qq install git wget -y
|
||||
if [[ "$(uname -m)" == "x86_64" ]]; then
|
||||
wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64
|
||||
install yq_linux_amd64 /usr/local/bin/yq
|
||||
rm yq_linux_amd64
|
||||
else
|
||||
wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_arm64
|
||||
install yq_linux_arm64 /usr/local/bin/yq
|
||||
rm yq_linux_arm64
|
||||
fi
|
||||
|
||||
git config --global user.email "bot@bots.de"
|
||||
git config --global user.name "giteaAdmin"
|
||||
|
||||
git clone https://${FORGEJO_USER}:${FORGEJO_TOKEN}@{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder.git
|
||||
cd edfbuilder
|
||||
yq eval ".gitea.oauth = [
|
||||
{
|
||||
\"name\": \"Keycloak\",
|
||||
\"provider\": \"openidConnect\",
|
||||
\"existingSecret\": \"auth-generic-oauth-secret\",
|
||||
\"autoDiscoverUrl\": \"https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/.well-known/openid-configuration\"
|
||||
}
|
||||
] |
|
||||
(.gitea.oauth[] | .name) |= (. style=\"single\")
|
||||
|
|
||||
(.gitea.oauth[] | .provider) |= (. style=\"single\")
|
||||
|
|
||||
(.gitea.oauth[] | .existingSecret) |= (. style=\"single\")
|
||||
|
|
||||
(.gitea.oauth[] | .autoDiscoverUrl) |= (. style=\"single\")
|
||||
" -i stacks/core/forgejo/values.yaml
|
||||
|
||||
yq eval '.gitea.config.oauth2_client =
|
||||
{
|
||||
"ENABLE_AUTO_REGISTRATION" : true,
|
||||
"ACCOUNT_LINKING" : "auto"
|
||||
}
|
||||
' -i stacks/core/forgejo/values.yaml
|
||||
|
||||
git add stacks/core/forgejo/values.yaml
|
||||
git commit -m "adds Forgejo SSO config"
|
||||
git push
|
||||
backoffLimit: 99
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: auth-generic-oauth-secret
|
||||
namespace: gitea
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: keycloak
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: auth-generic-oauth-secret
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
key: "{{.FORGEJO_CLIENT_ID}}"
|
||||
secret: "{{.FORGEJO_CLIENT_SECRET}}"
|
||||
data:
|
||||
- secretKey: FORGEJO_CLIENT_ID
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: FORGEJO_CLIENT_ID
|
||||
- secretKey: FORGEJO_CLIENT_SECRET
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: FORGEJO_CLIENT_SECRET
|
||||
Loading…
Reference in a new issue