launchpad/apps/base/forte-drop/kustomization.yaml at e49c0928d22d71733544955224a8ef0c750662fa - launchpad - Forte Git

Forte/launchpad

Files

Sten e49c0928d2 refactor(apps): registrar-managed oidc creds, drop mcp client, DRY secret

Per platform review (danijel):
- keycloak-client-forte-drop: add the secret{} block telling the
  registrar where to write the credential Secret + key names
  (forte-drop-oidc-credentials, client-id/client-secret). The
  forte-helm oidc sidecar consumes that registrar-created Secret —
  no manual auth-oidc SealedSecret step (removed that NOTE).
- Delete keycloak-client-forte-drop-mcp: auth.type: mcp auto-registers
  the MCP client; no manual config needed.
- Re-seal forte-drop-secrets with all shared env (BASE_DOMAIN, PG*,
  S3_*, PASSWORD_GATE_SECRET) so both deployments get identical values
  via envSecretName (values extraEnv now carries only APP_MODE).

2026-06-04 15:22:05 +02:00

9 lines

199 B

YAML

Raw Blame History

 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - namespace.yaml
 - forte-drop.yaml
 - keycloak-client-forte-drop.yaml
 - forte-drop-pdb.yaml
 - forte-drop-secrets-sealed.yaml