@@ -0,0 +1,18 @@
|
|||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
pull_request:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
- name: Secret Scanning
|
||||||
|
uses: trufflesecurity/trufflehog@main
|
||||||
|
with:
|
||||||
|
extra_args: --results=verified,unknown
|
||||||
@@ -1,8 +1,3 @@
|
|||||||
# Labeled config Secret read by the Keycloak Client Registrar. Kyverno clones it
|
|
||||||
# to the keycloak namespace; a CronJob registers the OIDC client in the forte
|
|
||||||
# realm and writes the credentials back as forte-drop-oidc-credentials in THIS
|
|
||||||
# namespace (~2 min). The forte-helm auth sidecar (auth.type: oidc) consumes that
|
|
||||||
# registrar-created Secret automatically — no manual SealedSecret step needed.
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
|
|||||||
Reference in New Issue
Block a user