diff --git a/.kontinuous/env/preprod/templates/oauth2-proxy.sealed-secret.yaml b/.kontinuous/env/preprod/templates/oauth2-proxy.sealed-secret.yaml new file mode 100644 index 00000000..68cb7cba --- /dev/null +++ b/.kontinuous/env/preprod/templates/oauth2-proxy.sealed-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: 'true' + name: oauth2-proxy +spec: + encryptedData: + OAUTH2_PROXY_CLIENT_ID: AgBBhOOAuwpukp9juIjiEhdnNUDAqZZTcVAEnXVp0G81WZ8EIuCjaaS84FQ0uzgT81NqloJc6rdS0NAlhQnGWttQn6GqHmYUH85mfK0flxvK1DDwxW3BPGiakZBN0+E26v+OHqf0bOFQZE2okwgFNMUc6RjjlaFLyWWxfMFdIffU6LXfgeusHzIgc4ypALQbLJklsy+gYMz+3fmdT17M3OARenwuB/yTspjKJLW/cNHPrgWOhTlIJP4obVB7GEqGxgv5h7emSUyo0+xc57ONtcP/8YufM7qS7xEbUFIE2Zh596mGUUxTlD1OMITvBNAx3HySUDwlUqUhi6V/hica3CAAOLCY0X9G4Ae6f+ADBD+9ZPeAJsKIFp6kQ+Z1zuGM62Qsrw7ynOsmhN/LdUv+a+eadel4O6Iz2Sm8rVaBcdhIdI9AXWR2TYEH0slzidsELt6VFVTiC728VNzwOTa6lMk2RQGhtUaXI9KS+nvbTd90BU5GIDlo7FP/naGMXuWn703OKPQvrX3zywPVj5XqXOvgPHi+ADoO+T6nzZUYo2bSsixrjGPCfc3WK/0yjGr7GfGfyGh6JRm5idUAOKAq/XVwE3mO86l3zKHHU1dJn17qAetpAGfkbxPZrjX2tmtO6m/35/azBUDVi4L+HFPfE5Oq207AiC65XdK2ZR5mYiysEBqqPfnrinNC4GLfjj6HAQ1KgwKGKhqctUgZ695P5OymEpY6VA== + OAUTH2_PROXY_CLIENT_SECRET: AgBS9CZ5AsiYPxc7KclDlvcLACN7e28VtseEdcI0dN8nJEW2SnkjsOexEx3zbrHM9EkA2/ebynM2HsT80aDWvRcLPSmX/z9ZWHE2o8smyikgl1AK8Ab5SrEbM1Wan5jHwPw+BKVDW4A3LAK9RNOG1kqenVgJWMSr6YOBWQiQH4wEfNVA5uwa5jchBfdn7LpYlYUM4aOCneNluhdgu3uqLcCxOd26PfR5KytBBOSvEg6WS2ri+87k/C6Jb7eTupA1Y5Tt6jB2rlcPM0UIJ+5yUPNJuxiamRijvzweh8ZsDLqSY6YfeJII26cGpMVllq2cFhK4CKG+9Q6TQIUjQK1mQU55hRdvPYSVWXJ4R4h57J1GiKQccJomFnQIhSLGHmpsbBHDPn70kI7WZ0Zj1GxPOnHuTHJYGJ6jxoul+nPDPQJohoIGwOFY5yBBBv1QKd6VawEtn/nBgD4kfigxd1xIszxD4iNV4nDh6nemnSe0/cNholLHuDP1L4bAkfJO5jF1kGJC16+/PleJWwuSuU8Lyt5xSquaGK+6QsVBvi6adQfwarifJGYeYwTiQ/f4hBu3IHi+880p1bGerfAN/lVndtrytM4KBwQcssLIPWCHFKy0B6DQvfXQ00OXotU6WiwSmqAs3J5OKpxil3jmGixuVAnzA6u1nO86FezBAcUz6ylNqq+jUvBn9hI4Pu8x2zNjApHh6KC4/iHKDCS9rbMwLIzzW1b8l/wpjKlfztQb42JL5cWYPvMPOEh7 + OAUTH2_PROXY_COOKIE_SECRET: AgCEFJJWDqdGPnlxwTtq8O9VwHcMEyMGcAEwd9zs2eDkEl1z3v+DCe8BW6Id5JG1p0D8v0DYlvNuG/rnLnjDMLlGjJzQfkmAflrCOblhvEz2tCuW8y5fvuJXCMqAO7a1uKV9faHLRR/XdZPpWyzuCAxerXvCO2QaSLxne0+qEI6tpFoj1NH7m9gbMVJhmd4pFSfYkoTWTYKLNMp7N9QcwGByfwkrsrxYDYtQibQSkK4mxituJH5Yx7jQlZ+jHVHxdZMBSXWqg48tXN/TvLSGU4CHPfXxknKa6kQDMN5Vh5R31fH6/uvdYyOxlDPmOachDSTvfYVUSbv5g6iv+nZagO7jTjtyIwqSNO+m9lSPJyr56V7fovPwCpU696pXjGBxIT7yaFsJMvYXxwPAIMKdFWoXrpI0Xat6/vv8VDSvY/d6MR2giafvbFHIHhMi+qcnzZgKnhcHCbL4qg/eUpqqWN8J3rc2y0NiYOjaHMhG/mxNpddpORV3G594VTismRIvJyWufJAqzTAnrVrkNGRcGpFFRqNN1TbprRfqY3VLb1ZIX3ul7jxepKIDDZBWCwzpiKy1WALtMg+9M1gGEx9T+lrKdQkg9XNpQa/QVc0xYeeBgcSBBi2wCEokB4rcQtrroKbg4ngVNP0ce1XUnd3q4y2BYwHvEzNOpr3AOnf3bgjzH6TsK2zE/nQT7RIAhZ0vqdPpyoWnQrM0pln7zX/OzEbilOW6/yNmk/ualc21fSEF4npqzdeC7hc1wG5wuQ== + template: + metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: 'true' + name: oauth2-proxy + type: Opaque diff --git a/.kontinuous/env/preprod/values.yaml b/.kontinuous/env/preprod/values.yaml index 6ffd167c..b130317e 100644 --- a/.kontinuous/env/preprod/values.yaml +++ b/.kontinuous/env/preprod/values.yaml @@ -130,3 +130,35 @@ pg-strapi: cnpg-cluster: backup: ~tpl~enabled: "false" + +pgadmin: + ~chart: pgadmin + oauth2-proxy: + host: pgadmin-{{ .Values.global.host }} + config: + OAUTH2_PROXY_GITHUB_ORG: "SocialGouv" + OAUTH2_PROXY_GITHUB_TEAM: "admins-fce,sre" + envFrom: + - secretRef: + name: oauth2-proxy + secrets: + - name: pg-app + keys: + user: PGUSER + password: PGPASSWORD + host: PGHOST + port: PGPORT + database: PGDATABASE + - name: pg-strapi-superuser + keys: + user: user + password: password + host: host + port: port + - name: pg-n8n-app + keys: + user: PGUSER + password: PGPASSWORD + host: PGHOST + port: PGPORT + database: PGDATABASE