alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions 1 Activity

feat: add more
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 12m40s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 14m29s
Details

Browse Source
This commit is contained in:
Alex Lebens
2026-04-21 21:13:37 -05:00
parent e104eae55e
commit f2280ff40a
8 changed files with 114 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
clusters/cl01tl/helm/komodo/templates/external-secret.yaml
View File

@@ -9,27 +9,42 @@ metadata:
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
name: openbao
data:
- secretKey: passkey
remoteRef:
key: /cl01tl/komodo/config
key: /cl01tl/komodo/key
property: passkey
- secretKey: jwt
remoteRef:
key: /cl01tl/komodo/config
key: /cl01tl/komodo/key
property: jwt
- secretKey: webhook
remoteRef:
key: /cl01tl/komodo/config
key: /cl01tl/komodo/key
property: webhook
- secretKey: oidc-client-id
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: komodo-oidc-authentik
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: komodo-oidc-authentik
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
data:
- secretKey: client
remoteRef:
key: /authentik/oidc/komodo
key: /cl01tl/authentik/oidc/komodo
property: client
- secretKey: oidc-client-secret
- secretKey: secret
remoteRef:
key: /authentik/oidc/komodo
key: /cl01tl/authentik/oidc/komodo
property: secret
---
@@ -44,7 +59,7 @@ metadata:
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
name: openbao
data:
- secretKey: uri
remoteRef:

8
clusters/cl01tl/helm/komodo/values.yaml
View File

@@ -68,13 +68,13 @@ komodo:
- name: KOMODO_OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: komodo-secret
key: oidc-client-id
name: komodo-oidc-authentik
key: client
- name: KOMODO_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: komodo-secret
key: oidc-client-secret
name: komodo-oidc-authentik
key: secret
- name: KOMODO_OIDC_USE_FULL_EMAIL
value: true
resources: