k8s: forge-dev: setup oauth2-proxy for pgadmin and kafka-console
TODO:
-
Create a CRI OIDC Client with the following settings - restricted mode enabled
-
labo-labsi-devs
mapping to roleskafka-console-dev pgadmin-dev
-
labo-labsi-roots
mapping to roleskafka-console-dev pgadmin-dev
- client type : confidential
-
create the config secret in vault with path k8s-prod-1/forge-dev-oauth2-proxy/config
with the following keys-
client-id
the client id of the created oidc client -
client-secret
the client secret of the created oidc client -
cookie-secret
a random secret generated with :python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())'
-