@@ -0,0 +1,18 @@
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Secret Scanning
|
||||
uses: trufflesecurity/trufflehog@main
|
||||
with:
|
||||
extra_args: --results=verified,unknown
|
||||
@@ -1,8 +1,3 @@
|
||||
# Labeled config Secret read by the Keycloak Client Registrar. Kyverno clones it
|
||||
# to the keycloak namespace; a CronJob registers the OIDC client in the forte
|
||||
# realm and writes the credentials back as forte-drop-oidc-credentials in THIS
|
||||
# namespace (~2 min). The forte-helm auth sidecar (auth.type: oidc) consumes that
|
||||
# registrar-created Secret automatically — no manual SealedSecret step needed.
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
||||
Reference in New Issue
Block a user