diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 4d070483..e63eed7c 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -222,14 +222,6 @@ jobs: --from-literal=AUTHENTIK_SECRET_KEY="${AUTHENTIK_SECRET_KEY}" \ --dry-run=client -o yaml | kubectl apply -f - - kubectl create secret generic cameleer-oidc \ - --namespace=cameleer \ - --from-literal=CAMELEER_OIDC_ENABLED="${CAMELEER_OIDC_ENABLED:-false}" \ - --from-literal=CAMELEER_OIDC_ISSUER="${CAMELEER_OIDC_ISSUER}" \ - --from-literal=CAMELEER_OIDC_CLIENT_ID="${CAMELEER_OIDC_CLIENT_ID}" \ - --from-literal=CAMELEER_OIDC_CLIENT_SECRET="${CAMELEER_OIDC_CLIENT_SECRET}" \ - --dry-run=client -o yaml | kubectl apply -f - - kubectl apply -f deploy/postgres.yaml kubectl -n cameleer rollout status statefulset/postgres --timeout=120s @@ -261,10 +253,6 @@ jobs: AUTHENTIK_PG_USER: ${{ secrets.AUTHENTIK_PG_USER }} AUTHENTIK_PG_PASSWORD: ${{ secrets.AUTHENTIK_PG_PASSWORD }} AUTHENTIK_SECRET_KEY: ${{ secrets.AUTHENTIK_SECRET_KEY }} - CAMELEER_OIDC_ENABLED: ${{ secrets.CAMELEER_OIDC_ENABLED }} - CAMELEER_OIDC_ISSUER: ${{ secrets.CAMELEER_OIDC_ISSUER }} - CAMELEER_OIDC_CLIENT_ID: ${{ secrets.CAMELEER_OIDC_CLIENT_ID }} - CAMELEER_OIDC_CLIENT_SECRET: ${{ secrets.CAMELEER_OIDC_CLIENT_SECRET }} deploy-feature: needs: docker @@ -304,7 +292,7 @@ jobs: run: kubectl create namespace "$BRANCH_NS" --dry-run=client -o yaml | kubectl apply -f - - name: Copy secrets from cameleer namespace run: | - for SECRET in gitea-registry postgres-credentials opensearch-credentials cameleer-auth cameleer-oidc; do + for SECRET in gitea-registry postgres-credentials opensearch-credentials cameleer-auth; do kubectl get secret "$SECRET" -n cameleer -o json \ | jq 'del(.metadata.namespace, .metadata.resourceVersion, .metadata.uid, .metadata.creationTimestamp, .metadata.managedFields)' \ | kubectl apply -n "$BRANCH_NS" -f - diff --git a/deploy/base/server.yaml b/deploy/base/server.yaml index bad69a22..bdf52a77 100644 --- a/deploy/base/server.yaml +++ b/deploy/base/server.yaml @@ -63,30 +63,7 @@ spec: name: cameleer-auth key: CAMELEER_JWT_SECRET optional: true - - name: CAMELEER_OIDC_ENABLED - valueFrom: - secretKeyRef: - name: cameleer-oidc - key: CAMELEER_OIDC_ENABLED - optional: true - - name: CAMELEER_OIDC_ISSUER - valueFrom: - secretKeyRef: - name: cameleer-oidc - key: CAMELEER_OIDC_ISSUER - optional: true - - name: CAMELEER_OIDC_CLIENT_ID - valueFrom: - secretKeyRef: - name: cameleer-oidc - key: CAMELEER_OIDC_CLIENT_ID - optional: true - - name: CAMELEER_OIDC_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: cameleer-oidc - key: CAMELEER_OIDC_CLIENT_SECRET - optional: true + resources: requests: memory: "256Mi" diff --git a/deploy/overlays/feature/kustomization.yaml b/deploy/overlays/feature/kustomization.yaml index 2aec4aad..91ab5b37 100644 --- a/deploy/overlays/feature/kustomization.yaml +++ b/deploy/overlays/feature/kustomization.yaml @@ -11,7 +11,7 @@ images: - name: gitea.siegeln.net/cameleer/cameleer3-server-ui newTag: BRANCH_SHA patches: - # Server Deployment: branch-specific schema, index prefix, UI origin, OIDC disabled + # Server Deployment: branch-specific schema, index prefix, UI origin - patch: | apiVersion: apps/v1 kind: Deployment @@ -29,8 +29,6 @@ patches: value: "cam-BRANCH_SLUG-executions-" - name: CAMELEER_UI_ORIGIN value: "http://BRANCH_SLUG.cameleer.siegeln.net" - - name: CAMELEER_OIDC_ENABLED - value: "false" # UI ConfigMap: branch-specific API URL - target: kind: ConfigMap