chore(apps): clarify auth-oidc follow-up (drop commented-out resource line)
ai-review: a commented-out resource line reads as GitOps debt. Replace the '# - auth-oidc-sealed.yaml' line with an explicit NOTE explaining it's a deliberate post-deploy step (needs the registrar-generated client-secret), not a disabled resource.
This commit is contained in:
Sten
@@ -6,4 +6,8 @@ resources:
|
||||
- keycloak-client-forte-drop.yaml
|
||||
- forte-drop-pdb.yaml
|
||||
- forte-drop-secrets-sealed.yaml
|
||||
# - auth-oidc-sealed.yaml # added in follow-up commit (after Keycloak registrar creates client_secret)
|
||||
|
||||
# NOTE: the web sidecar's auth-oidc SealedSecret is added in a follow-up commit,
|
||||
# once the Keycloak registrar has created forte-drop-oidc-credentials post-deploy
|
||||
# (see PR description for the one-time seal step). It is intentionally NOT a
|
||||
# resource here yet — sealing it requires the registrar-generated client-secret.
|
||||
|
||||
Reference in New Issue
Block a user