feat(apps): forte-drop web + mcp ArgoCD applications
Two ArgoCD apps from the same forte-drop image:
- forte-drop (web): admin + public drops, sidecar in oidc mode,
ingress drop-k8s.hackathon.forteapps.net.
- forte-drop-mcp (mcp): MCP-over-HTTP, sidecar in mcp mode,
ingress mcp.drop-k8s.hackathon.forteapps.net.
Plus two labeled Keycloak client config Secrets — the registrar
creates the OIDC clients in the forte realm within ~2 min.
Sealed secrets (forte-drop-secrets + auth-oidc) added in a
follow-up commit by the maintainer:
cd /Users/sten/dev/work/forte_k8/launchpad
kubeseal --format=yaml \
--controller-name=sealed-secrets-controller \
--controller-namespace=kube-system \
< private/forte-drop-secrets.yaml \
> apps/base/forte-drop/forte-drop-secrets-sealed.yaml
# auth-oidc: wait for registrar, copy client-secret into private/,
# then seal as apps/base/forte-drop/auth-oidc-sealed.yaml.
# (mcp deployment is sidecar type=mcp — no auth-oidc Secret needed;
# only the web deployment requires it.)
This commit is contained in:
Sten
7
apps/base/forte-drop/kustomization.yaml
Normal file
7
apps/base/forte-drop/kustomization.yaml
Normal file
@@ -0,0 +1,7 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- forte-drop.yaml
|
||||
- keycloak-client-forte-drop.yaml
|
||||
# - forte-drop-secrets-sealed.yaml # added in follow-up commit
|
||||
# - auth-oidc-sealed.yaml # added in follow-up commit (after Keycloak registrar creates client_secret)
|
||||
Reference in New Issue
Block a user