From 318990ce84b003dc82c96a8f4754071224f33262 Mon Sep 17 00:00:00 2001
From: alexlebens
Date: Tue, 2 Jul 2024 11:07:01 -0500
Subject: [PATCH] chnage oidc config
---
 .../headlamp/templates/external-secret.yaml | 20 ++++++++++++++++---
 .../cl01tl/management/headlamp/values.yaml | 17 ++--------------
 2 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/clusters/cl01tl/management/headlamp/templates/external-secret.yaml b/clusters/cl01tl/management/headlamp/templates/external-secret.yaml
index 21e523f65..974fb8797 100644
--- a/clusters/cl01tl/management/headlamp/templates/external-secret.yaml
+++ b/clusters/cl01tl/management/headlamp/templates/external-secret.yaml
@@ -4,7 +4,7 @@ metadata:
 name: headlamp-oidc-secret
 namespace: {{ .Release.Namespace }}
 labels:
- app.kubernetes.io/name: {{ .Release.Name }}
+ app.kubernetes.io/name: headlamp-oidc-secret
 app.kubernetes.io/instance: {{ .Release.Name }}
 app.kubernetes.io/version: {{ .Chart.AppVersion }}
 app.kubernetes.io/component: web
@@ -14,17 +14,31 @@ spec:
 kind: ClusterSecretStore
 name: vault
 data:
- - secretKey: HEADLAMP_CONFIG_OIDC_CLIENT_ID
+ - secretKey: clientID
 remoteRef:
 conversionStrategy: Default
 decodingStrategy: None
 key: /authentik/oidc/headlamp
 metadataPolicy: None
 property: client
- - secretKey: HEADLAMP_CONFIG_OIDC_CLIENT_SECRET
+ - secretKey: clientSecret
 remoteRef:
 conversionStrategy: Default
 decodingStrategy: None
 key: /authentik/oidc/headlamp
 metadataPolicy: None
 property: secret
+ - secretKey: issuerURL
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /authentik/oidc/headlamp
+ metadataPolicy: None
+ property: issuer
+ - secretKey: scopes
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /authentik/oidc/headlamp
+ metadataPolicy: None
+ property: scopes
diff --git a/clusters/cl01tl/management/headlamp/values.yaml b/clusters/cl01tl/management/headlamp/values.yaml
index c9027cd86..0e40302b4 100644
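Review bot: In the second hunk of templates/external-secret.yaml, the added `issuerURL` entry makes the Vault item `/authentik/oidc/headlamp` the source of the OIDC issuer, which the values.yaml side of this patch previously pinned as a literal URL in git. The issuer decides which identity provider Headlamp trusts, so write access to that Vault item now carries that decision and changes to it no longer go through commit review; neither the issuer nor `scopes` is confidential. I would add a comment above the entry, `# issuerURL is a trust anchor: restrict and audit writes to /authentik/oidc/headlamp in Vault`, and confirm the item's `issuer` and `scopes` properties exist before rollout, since the patch does not show them. The `spec` mapping this list belongs to starts above the hunk.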
--- a/clusters/cl01tl/management/headlamp/values.yaml
+++ b/clusters/cl01tl/management/headlamp/values.yaml
@@ -2,21 +2,8 @@ headlamp:
 config:
 oidc:
 secret:
- create: true
- name: headlamp-oidc-generated-secret
- env:
- - name: HEADLAMP_CONFIG_OIDC_CLIENT_ID
- valueFrom:
- secretKeyRef:
- key: HEADLAMP_CONFIG_OIDC_CLIENT_ID
- name: headlamp-oidc-secret
- - name: HEADLAMP_CONFIG_OIDC_CLIENT_SECRET
- valueFrom:
- secretKeyRef:
- key: HEADLAMP_CONFIG_OIDC_CLIENT_SECRET
- name: headlamp-oidc-secret
- - name: HEADLAMP_CONFIG_OIDC_IDP_ISSUER_URL
- value: https://authentik.alexlebens.net/application/o/headlamp/
+ create: false
+ name: headlamp-oidc-secret
 persistentVolumeClaim:
 enabled: true
 accessModes:
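Review bot: With the explicit `env` entries removed and `secret.create: false`, nothing visible in this hunk shows the Headlamp Deployment still reading `headlamp-oidc-secret`; that wiring now depends entirely on how the chart treats `config.oidc.secret.name` when it does not create the secret, which the patch does not show. If the chart ignores the name in that case, the pod would start without OIDC settings and the login path would change silently. Rendering the chart with `helm template` and checking that the container references the secret's `clientID`, `clientSecret`, `issuerURL` and `scopes` keys would settle it, and a comment such as `# secret is produced by templates/external-secret.yaml (ExternalSecret headlamp-oidc-secret)` above `create: false` would record the dependency. The `headlamp.config` mapping continues past the end of the hunk.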