k8s: forge-dev: setup oauth2-proxy for pgadmin and kafka-console (!1219) · Merge requests · Forge / infra / infrastructure

TODO:

Create a CRI OIDC Client with the following settings
- restricted mode enabled
- labo-labsi-devs mapping to roles kafka-console-dev pgadmin-dev
- labo-labsi-roots mapping to roles kafka-console-dev pgadmin-dev
- client type : confidential
create the config secret in vault with path k8s-prod-1/forge-dev-oauth2-proxy/config with the following keys
- client-id the client id of the created oidc client
- client-secret the client secret of the created oidc client
- cookie-secret a random secret generated with : python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())'

Edited Dec 07, 2022 by Eliott Bouhana

k8s: forge-dev: setup oauth2-proxy for pgadmin and kafka-console