From 314f62c434db2a8439a1098493b5e30c912ac72d Mon Sep 17 00:00:00 2001
From: Michael Haehnel <michael.haehnel@netgo.de>
Date: Thu, 16 Mar 2023 10:24:47 +0100
Subject: [PATCH] DEV-900 Create keycloak secret for iam per namespace

---
 secrets_nsodev.yaml                     | 7 +++++--
 templates/secret_iam_keycloakcreds.yaml | 8 ++++++++
 values_nsodev.yaml                      | 5 ++---
 3 files changed, 15 insertions(+), 5 deletions(-)
 create mode 100644 templates/secret_iam_keycloakcreds.yaml

diff --git a/secrets_nsodev.yaml b/secrets_nsodev.yaml
index 34291a7..6ce68cc 100644
--- a/secrets_nsodev.yaml
+++ b/secrets_nsodev.yaml
@@ -111,14 +111,17 @@ prometheusPgExporter:
         pgHostname: ENC[AES256_GCM,data:F4R2lcLEeqg+99LGyMIk2A==,iv:3eL540ONsQm9o3FcATwA4xf/wgF/DeuUv7CAD5TCRz8=,tag:mnUf7QwO8fOT/vLc7nHplg==,type:str]
         pgUsername: ENC[AES256_GCM,data:gwW/lv44wkDxyqSUQV3C4M4=,iv:k9AwTdhT5lWC+Idtpm6Keb6HBFoDsTyfwj42nP7vWTI=,tag:/jkFJAOKhhKp53bTGzWL9Q==,type:str]
         pgPassword: ENC[AES256_GCM,data:wf+LP9osXWPMwo05JR0mKI4gxt7pB0PnrbJqOF7L48k=,iv:Z5Suc34EqmyUjIPAw5qdIY6ZV46D0VE/T9pz0DhMQcY=,tag:M+xX3gCXcpMAVh1ktSQFXw==,type:str]
+iam:
+    iam_keycloak_username: ENC[AES256_GCM,data:2Ur6BnFLpXmeLr2L4QQ=,iv:/QQFEwMlEdey/nlWEgMbG2cokb41GP9782vpua2F5D8=,tag:O0bCmpxHJOitxyThaX/ANA==,type:str]
+    iam_keycloak_password: ENC[AES256_GCM,data:Lj0BdgSi9RebXQ19nlJtmdLFhg0=,iv:rGij7rjE1uAAxhhmBJ46ule6CXSFq7ysdVkTQdHomfM=,tag:W8ra+LYDsGRUe2NnaVhkIw==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2023-02-22T16:06:39Z"
-    mac: ENC[AES256_GCM,data:ZSMTkpdvSgTYm7vCdmjp/b0qP7lYfTZymVzXJLS1HPek8EfNT72KvZcZQVDILEyo7JLRn+QTjT/x8A2hCny/xegSB681WtoA8Z7kEo/Qm1enFCZwfpnr2EFwbExP/2B7JliVrpjfXEasQcEappDVBMA9nVVFn5oC8o+oEtD1Z7A=,iv:3Tv4pv5Obqe/ulBUc7fFouzvSMyN45LcxxbLGiKYl5A=,tag:LKBSIVRhKhzCh29UPtAiaQ==,type:str]
+    lastmodified: "2023-03-16T09:21:59Z"
+    mac: ENC[AES256_GCM,data:6IfgCi6LspJo1ui0x3G3lgOJojTEM6pznHsFaKz6cUf4D4B0S5AWspawgWB9gD+Lq1AHI5zfF0Q2USqF+QjhqK7YQ5nwDTtN4h3G6DN4gdvnxxM1EJUt9WrVTFYaQLcY/lYWaZ/0YQH4/LBbAilPZt6GM0fyE+e6bolhwq8jYcQ=,iv:xJTZFyFy3g1ctnn3i97cU3OOktS7romdsze9xV+FoyY=,tag:7D/qgLjzM+BAM1GQny3C0w==,type:str]
     pgp:
         - created_at: "2023-02-17T10:43:42Z"
           enc: |
diff --git a/templates/secret_iam_keycloakcreds.yaml b/templates/secret_iam_keycloakcreds.yaml
new file mode 100644
index 0000000..7c37879
--- /dev/null
+++ b/templates/secret_iam_keycloakcreds.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+stringData:
+  username: {{ .Values.iam.iam_keycloak_username }}
+  password: {{ .Values.iam.iam_keycloak_password }}
+kind: Secret
+metadata:
+  name: iam-keycloak-creds
+type: Opaque
diff --git a/values_nsodev.yaml b/values_nsodev.yaml
index b9ec950..753002a 100644
--- a/values_nsodev.yaml
+++ b/values_nsodev.yaml
@@ -155,7 +155,6 @@ iam:
   protocol: http
   hostname: iam.nsodev
   port: 8080
-  secret_name_keycloak_creds: mobene-keycloak.iam-keycloak-creds
+  secret_name_keycloak_creds: iam-keycloak-creds
   envvars:
-    #iam_keycloak_auth_server_url: "https://prodwork01-keycloak-01-keycloak.smardigo.digital/auth/"
-    iam_keycloak_auth_server_url: "https://prodnso-keycloak-01.smardigo.digital/auth/"
\ No newline at end of file
+    iam_keycloak_auth_server_url: "https://keycloak-prodwork01.smardigo.digital/auth/"
\ No newline at end of file