soukainna
2023-07-10 09:03:34 +02:00
parent a855a4fe6a
commit 1188cbd255
38 changed files with 914 additions and 0 deletions


@@ -0,0 +1,65 @@
dev_env: true
storage:
db:
mongodb:
uri:
db_name:
collections:
users: users
kv:
type: etcd
etcd:
endpoints: etcd:2379
prefix: mobilityaccounts/
services:
grpc:
enable: true
port: 8080
oidc_provider:
enable: true
csrf_key: 32-byte-long-auth-key-----------
port: 80
namespaces:
parcoursmob:
namespace: parcoursmob
secret_key: some-cool-secret-that-is-32bytes
templates_dir: oidc-provider/templates/parcoursmob
match_claims:
groups: groups
first_name: first_name
last_name: last_name
email: email
display_name: display_name
"urn:cms:personal-informations:read": personal_information
"urn:cms:civil-status:read": civil_status
"urn:cms:favorites:read": favorites
"urn:cms:driving-licence:read": driving_licence
"urn:cms:ice-contacts:read": ice
# "urn:cms:fr-caf-information:read": fr_caf_information
# "urn:cms:fr-dgfip-information:read": fr_dgfip_information
# "urn:cms:fr-mesri-information:read": fr_mesri_information
clients:
- id: abcdef
oidc: true
secret: $2y$10$0GwBc17u9HjZnVlFjhIv2u.Jq..5NyzdUENpGa8jUtok2zHj/STmm
token_endpoint_auth_method: client_secret_post
response_types:
- code
grant_types:
- authorization_code
redirect_uris:
- https://openidconnect.net/callback
- https://psteniusubi.github.io/oidc-tester/authorization-code-flow.html
- http://localhost:9000/api/oauth2/callback
scopes:
- openid
- profile
- groups
- first_name
- last_name
- display_name
- email
- urn:cms:personal-informations:read
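Review bot: `csrf_key` and `secret_key` are committed here as readable placeholder strings, and the kustomization in this commit packs this file into a ConfigMap. If the environment overrides set in the Deployment ever fail to apply, the provider would run with keys that anyone with read access to the repository or the ConfigMap knows. The `uri:` and `db_name:` entries above are already left empty; doing the same here, `csrf_key: ""` and `secret_key: ""`, would presumably make a missing secret surface at startup instead of as a silent fallback, though the service's config validation is not visible here. The `redirect_uris` list also registers two public OIDC tester sites and a plain-http localhost callback for client `abcdef`; a comment such as `# test-only callbacks, remove before reusing this client outside the test overlay` would record that they are intentional.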


@@ -0,0 +1,64 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-coopgo-mobility-accounts
spec:
replicas: 1
template:
spec:
containers:
- name: mobility-accounts
image: docker.io/library/mobility-accounts-v3:local
ports:
- name: grpc
containerPort: 8080
protocol: TCP
- name: http
containerPort: 80
protocol: TCP
env:
- name: STORAGE_DB_MONGODB_URI
valueFrom:
secretKeyRef:
name: db-secret
key: storage_db_mongodb_uri
- name: STORAGE_DB_MONGODB_DB_NAME
valueFrom:
secretKeyRef:
name: db-secret
key: storage_db_mongodb_db_name
- name: SERVICES_OIDC_PROVIDER_CSRF_KEY
valueFrom:
secretKeyRef:
name: mobility-account-secret
key: services_oidc_provider_csrf_key
- name: SERVICES_OIDC_PROVIDER_NAMESPACES_PARCOURSMOB_SECRET_KEY
valueFrom:
secretKeyRef:
name: mobility-account-secret
key: services_oidc_provider_namespaces_parcoursmob_secret_key
- name: SERVICES_OIDC_PROVIDER_NAMESPACES_PARCOURSMOB_CLIENTS_ID
valueFrom:
secretKeyRef:
name: mobility-account-secret
key: services_oidc_provider_namespaces_parcoursmob_clients_id
- name: SERVICES_OIDC_PROVIDER_NAMESPACES_PARCOURSMOB_CLIENTS_SECRET
valueFrom:
secretKeyRef:
name: mobility-account-secret
key: services_oidc_provider_namespaces_parcoursmob_clients_secret
volumeMounts:
- name: mobility-accounts-config-volume
mountPath: /config.yaml
subPath: config.yaml
imagePullSecrets:
- name: regcred
volumes:
- name: mobility-accounts-config-volume
configMap:
name: test-mobility-accounts-config
items:
- key: config.yaml
path: config.yaml
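Review bot: The `SERVICES_OIDC_PROVIDER_NAMESPACES_PARCOURSMOB_CLIENTS_ID` and `..._CLIENTS_SECRET` variables address `clients` as if it were a mapping, but in the config file added by this commit `clients` is a list (`- id: abcdef`). A flat environment name may therefore never reach the first list element. The config loader is not visible here; if it does not map these names onto the list, the committed client id and bcrypt hash stay in effect and the sealed values are silently ignored. This is worth confirming against a started pod and recording next to the two entries, e.g. `# overrides clients[0] in config.yaml; verified against the config loader`.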


@@ -0,0 +1,16 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
app.kubernetes.io/name: test-coopgo-mobility-accounts
app.kubernetes.io/instance: test-coopgo-mobility-accounts
configMapGenerator:
- name: test-mobility-accounts-config
files:
- config.yaml
resources:
- deployment.yaml
- service.yaml
- sealed-mobility-account-secret.yaml


@@ -0,0 +1,24 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
annotations:
sealedsecrets.bitnami.com/namespace-wide: "true"
creationTimestamp: null
name: mobility-account-secret
namespace: default
spec:
encryptedData:
services_oidc_provider_csrf_key: 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
services_oidc_provider_namespaces_parcoursmob_clients_id: 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
services_oidc_provider_namespaces_parcoursmob_clients_secret: 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
services_oidc_provider_namespaces_parcoursmob_secret_key: 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
template:
metadata:
annotations:
sealedsecrets.bitnami.com/managed: "true"
sealedsecrets.bitnami.com/namespace-wide: "true"
creationTimestamp: null
name: mobility-account-secret
namespace: default
type: Opaque
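Review bot: The `sealedsecrets.bitnami.com/namespace-wide: "true"` annotation relaxes the sealing scope, so the ciphertext can be unsealed under any Secret name in the namespace, and the target is `namespace: default`. The Deployment in this commit only reads `mobility-account-secret`, so the default strict scope, which binds the ciphertext to both name and namespace, would be enough. Switching means re-sealing the values without the annotation, because the scope is part of the encryption and the annotation cannot simply be deleted from this file. If the namespace-wide scope is kept, a dedicated namespace instead of `default` would limit its reach to this application's workloads.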


@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: test-coopgo-mobility-accounts-svc
spec:
ports:
- name: grpc
port: 8080
protocol: TCP
- name: http
port: 80
protocol: TCP
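Review bot: `spec` has no `selector`, so this Service reaches the pods only because the kustomization in this commit injects one through `commonLabels` at build time; applied on its own it would have no endpoints. A leading comment such as `# selector is injected by commonLabels in the kustomization; apply via kustomize only` would document that dependency. The Deployment in this commit relies on the same injection for its `spec.selector`.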