Compare commits
1 commit
developmen
...
kindserver
| Author | SHA1 | Date | |
|---|---|---|---|
|
cc07dbf719 |
9 changed files with 60 additions and 265 deletions
|
|
@ -1,29 +0,0 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: argocd-sso
|
||||
namespace: argocd
|
||||
labels:
|
||||
env: dev
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
|
||||
targetRevision: HEAD
|
||||
path: "stacks/core/argocd-sso"
|
||||
destination:
|
||||
server: "https://kubernetes.default.svc"
|
||||
namespace: argocd
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated:
|
||||
selfHeal: true
|
||||
retry:
|
||||
limit: -1
|
||||
backoff:
|
||||
duration: 15s
|
||||
factor: 1
|
||||
maxDuration: 15s
|
||||
|
|
@ -1,24 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: auth-generic-oauth-secret
|
||||
namespace: argocd
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: keycloak
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: auth-generic-oauth-secret
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
client_secret: "{{.ARGOCD_CLIENT_SECRET}}"
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/part-of: argocd
|
||||
data:
|
||||
- secretKey: ARGOCD_CLIENT_SECRET
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: ARGOCD_CLIENT_SECRET
|
||||
23
template/stacks/core/crossplane.yaml
Normal file
23
template/stacks/core/crossplane.yaml
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: crossplane
|
||||
namespace: argocd
|
||||
labels:
|
||||
env: dev
|
||||
spec:
|
||||
project: default
|
||||
syncPolicy:
|
||||
automated:
|
||||
selfHeal: true
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
destination:
|
||||
name: in-cluster
|
||||
namespace: crossplane-system
|
||||
source:
|
||||
chart: crossplane
|
||||
repoURL: https://charts.crossplane.io/stable
|
||||
targetRevision: 1.18.0
|
||||
helm:
|
||||
releaseName: crossplane
|
||||
|
|
@ -29,17 +29,18 @@ spec:
|
|||
initContainers:
|
||||
- name: runner-register
|
||||
image: code.forgejo.org/forgejo/runner:6.3.1
|
||||
command:
|
||||
- "sh"
|
||||
- "-c"
|
||||
- |
|
||||
forgejo-runner \
|
||||
register \
|
||||
--no-interactive \
|
||||
--token ${RUNNER_SECRET} \
|
||||
--name ${RUNNER_NAME} \
|
||||
--instance ${FORGEJO_INSTANCE_URL} \
|
||||
--labels docker:docker://node:20-bookworm,ubuntu-22.04:docker://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/catthehackerubuntu:act-22.04,ubuntu-latest:docker://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/catthehackerubuntu:act-22.04
|
||||
command:
|
||||
- "forgejo-runner"
|
||||
- "register"
|
||||
- "--no-interactive"
|
||||
- "--token"
|
||||
- $(RUNNER_SECRET)
|
||||
- "--name"
|
||||
- $(RUNNER_NAME)
|
||||
- "--instance"
|
||||
- $(FORGEJO_INSTANCE_URL)
|
||||
- "--labels"
|
||||
- "docker:docker://node:20-bookworm,ubuntu-22.04:docker://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/catthehackerubuntu:act-22.04,ubuntu-latest:docker://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/catthehackerubuntu:act-22.04"
|
||||
env:
|
||||
- name: RUNNER_NAME
|
||||
valueFrom:
|
||||
|
|
|
|||
|
|
@ -1,29 +0,0 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: forgejo-sso
|
||||
namespace: argocd
|
||||
labels:
|
||||
env: dev
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
|
||||
targetRevision: HEAD
|
||||
path: "stacks/core/forgejo-sso"
|
||||
destination:
|
||||
server: "https://kubernetes.default.svc"
|
||||
namespace: gitea
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated:
|
||||
selfHeal: true
|
||||
retry:
|
||||
limit: -1
|
||||
backoff:
|
||||
duration: 15s
|
||||
factor: 1
|
||||
maxDuration: 15s
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: auth-generic-oauth-secret
|
||||
namespace: gitea
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: keycloak
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "0"
|
||||
target:
|
||||
name: auth-generic-oauth-secret
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
key: "{{.FORGEJO_CLIENT_ID}}"
|
||||
secret: "{{.FORGEJO_CLIENT_SECRET}}"
|
||||
data:
|
||||
- secretKey: FORGEJO_CLIENT_ID
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: FORGEJO_CLIENT_ID
|
||||
- secretKey: FORGEJO_CLIENT_SECRET
|
||||
remoteRef:
|
||||
key: keycloak-clients
|
||||
property: FORGEJO_CLIENT_SECRET
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
redis-cluster:
|
||||
enabled: true
|
||||
enabled: false
|
||||
postgresql:
|
||||
enabled: false
|
||||
postgresql-ha:
|
||||
|
|
@ -16,11 +16,6 @@ gitea:
|
|||
admin:
|
||||
existingSecret: gitea-credential
|
||||
config:
|
||||
service:
|
||||
DISABLE_REGISTRATION: true
|
||||
other:
|
||||
SHOW_FOOTER_VERSION: false
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME: false
|
||||
database:
|
||||
DB_TYPE: sqlite3
|
||||
session:
|
||||
|
|
|
|||
|
|
@ -264,8 +264,7 @@ spec:
|
|||
name: gitea-credentials
|
||||
- secretRef:
|
||||
name: argocd-credentials
|
||||
image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/backstage-edp:1.1.0
|
||||
imagePullPolicy: Always
|
||||
image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/backstage-edp:development
|
||||
name: backstage
|
||||
ports:
|
||||
- containerPort: 7007
|
||||
|
|
|
|||
|
|
@ -71,11 +71,11 @@ data:
|
|||
},
|
||||
"type": "default",
|
||||
"protocol": "openid-connect"
|
||||
}
|
||||
}
|
||||
group-admin-payload.json: |
|
||||
{"name":"admin"}
|
||||
{"name":"admin"}
|
||||
group-base-user-payload.json: |
|
||||
{"name":"base-user"}
|
||||
{"name":"base-user"}
|
||||
group-mapper-payload.json: |
|
||||
{
|
||||
"protocol": "openid-connect",
|
||||
|
|
@ -88,15 +88,15 @@ data:
|
|||
"access.token.claim": "true",
|
||||
"userinfo.token.claim": "true"
|
||||
}
|
||||
}
|
||||
}
|
||||
realm-payload.json: |
|
||||
{"realm":"cnoe","enabled":true}
|
||||
{"realm":"cnoe","enabled":true}
|
||||
user-password.json: |
|
||||
{
|
||||
"temporary": false,
|
||||
"type": "password",
|
||||
"value": "${USER1_PASSWORD}"
|
||||
}
|
||||
}
|
||||
user-user1.json: |
|
||||
{
|
||||
"username": "user1",
|
||||
|
|
@ -109,7 +109,7 @@ data:
|
|||
"/admin"
|
||||
],
|
||||
"enabled": true
|
||||
}
|
||||
}
|
||||
user-user2.json: |
|
||||
{
|
||||
"username": "user2",
|
||||
|
|
@ -122,7 +122,7 @@ data:
|
|||
"/base-user"
|
||||
],
|
||||
"enabled": true
|
||||
}
|
||||
}
|
||||
argo-client-payload.json: |
|
||||
{
|
||||
"protocol": "openid-connect",
|
||||
|
|
@ -150,7 +150,7 @@ data:
|
|||
"webOrigins": [
|
||||
"/*"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
backstage-client-payload.json: |
|
||||
{
|
||||
|
|
@ -179,7 +179,7 @@ data:
|
|||
"webOrigins": [
|
||||
"/*"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
grafana-client-payload.json: |
|
||||
{
|
||||
|
|
@ -219,64 +219,6 @@ data:
|
|||
]
|
||||
}
|
||||
|
||||
argocd-client-payload.json: |
|
||||
{
|
||||
"protocol": "openid-connect",
|
||||
"clientId": "argocd",
|
||||
"name": "ArgoCD Client",
|
||||
"description": "Used for ArgoCD SSO",
|
||||
"publicClient": false,
|
||||
"authorizationServicesEnabled": false,
|
||||
"serviceAccountsEnabled": false,
|
||||
"implicitFlowEnabled": false,
|
||||
"directAccessGrantsEnabled": true,
|
||||
"standardFlowEnabled": true,
|
||||
"frontchannelLogout": true,
|
||||
"attributes": {
|
||||
"saml_idp_initiated_sso_url_name": "",
|
||||
"oauth2.device.authorization.grant.enabled": false,
|
||||
"oidc.ciba.grant.enabled": false
|
||||
},
|
||||
"alwaysDisplayInConsole": false,
|
||||
"rootUrl": "",
|
||||
"baseUrl": "",
|
||||
"redirectUris": [
|
||||
"https://{{{ .Env.DOMAIN }}}/*"
|
||||
],
|
||||
"webOrigins": [
|
||||
"/*"
|
||||
]
|
||||
}
|
||||
|
||||
forgejo-client-payload.json: |
|
||||
{
|
||||
"protocol": "openid-connect",
|
||||
"clientId": "forgejo",
|
||||
"name": "Forgejo Client",
|
||||
"description": "Used for Forgejo SSO",
|
||||
"publicClient": false,
|
||||
"authorizationServicesEnabled": false,
|
||||
"serviceAccountsEnabled": false,
|
||||
"implicitFlowEnabled": false,
|
||||
"directAccessGrantsEnabled": true,
|
||||
"standardFlowEnabled": true,
|
||||
"frontchannelLogout": true,
|
||||
"attributes": {
|
||||
"saml_idp_initiated_sso_url_name": "",
|
||||
"oauth2.device.authorization.grant.enabled": false,
|
||||
"oidc.ciba.grant.enabled": false
|
||||
},
|
||||
"alwaysDisplayInConsole": false,
|
||||
"rootUrl": "",
|
||||
"baseUrl": "",
|
||||
"redirectUris": [
|
||||
"https://{{{ .Env.DOMAIN_GITEA }}}/*"
|
||||
],
|
||||
"webOrigins": [
|
||||
"/*"
|
||||
]
|
||||
}
|
||||
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
|
|
@ -312,7 +254,7 @@ spec:
|
|||
command: ["/bin/bash", "-c"]
|
||||
args:
|
||||
- |
|
||||
#! /bin/bash
|
||||
#! /bin/bash
|
||||
|
||||
set -ex -o pipefail
|
||||
|
||||
|
|
@ -373,7 +315,7 @@ spec:
|
|||
${KEYCLOAK_URL}/admin/realms/cnoe/groups
|
||||
|
||||
# Create scope mapper
|
||||
echo 'adding group claim to tokens'
|
||||
echo 'adding group claim to tokens'
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
|
|
@ -413,8 +355,8 @@ spec:
|
|||
echo "creating Argo Workflows client"
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X POST --data @/var/config/argo-client-payload.json \
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
-X POST --data @/var/config/argo-client-payload.json \
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
|
||||
CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
|
|
@ -428,26 +370,21 @@ spec:
|
|||
-X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
|
||||
ARGO_WORKFLOWS_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')
|
||||
|
||||
echo "creating Grafana client"
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X POST --data @/var/config/grafana-client-payload.json \
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
|
||||
CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "grafana") | .id')
|
||||
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
|
||||
GRAFANA_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
|
|
@ -457,68 +394,19 @@ spec:
|
|||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X POST --data @/var/config/backstage-client-payload.json \
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
|
||||
CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "backstage") | .id')
|
||||
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
|
||||
BACKSTAGE_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')
|
||||
|
||||
echo "creating ArgoCD client"
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X POST --data @/var/config/argocd-client-payload.json \
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
|
||||
CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "argocd") | .id')
|
||||
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
|
||||
ARGOCD_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')
|
||||
|
||||
echo "creating Forgejo client"
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X POST --data @/var/config/forgejo-client-payload.json \
|
||||
${KEYCLOAK_URL}/admin/realms/cnoe/clients
|
||||
|
||||
CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "forgejo") | .id')
|
||||
|
||||
CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id')
|
||||
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
|
||||
|
||||
FORGEJO_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \
|
||||
-H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
|
||||
-X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')
|
||||
|
||||
ARGOCD_PASSWORD=$(./kubectl -n argocd get secret argocd-initial-admin-secret -o go-template='{{.data.password | base64decode }}')
|
||||
|
||||
ARGOCD_SESSION_TOKEN=$(curl -sS https://{{{ .Env.DOMAIN }}}/argocd/api/v1/session -H 'Content-Type: application/json' -d "{\"username\":\"admin\",\"password\":\"${ARGOCD_PASSWORD}\"}" | jq -r .token)
|
||||
|
|
@ -538,10 +426,7 @@ spec:
|
|||
BACKSTAGE_CLIENT_ID: backstage
|
||||
GRAFANA_CLIENT_SECRET: ${GRAFANA_CLIENT_SECRET}
|
||||
GRAFANA_CLIENT_ID: grafana
|
||||
ARGOCD_CLIENT_SECRET: ${ARGOCD_CLIENT_SECRET}
|
||||
ARGOCD_CLIENT_ID: argocd
|
||||
FORGEJO_CLIENT_SECRET: ${FORGEJO_CLIENT_SECRET}
|
||||
FORGEJO_CLIENT_ID: forgejo
|
||||
" > /tmp/secret.yaml
|
||||
|
||||
./kubectl apply -f /tmp/secret.yaml
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue