sso-secrets.yaml

apiVersion: v1
kind: Template
metadata:
  creationTimestamp: null
  name: "true"
objects:
  - apiVersion: v1
    stringData:
      CLIENT_SSO_CLIENTID: ${CLIENT_SSO_CLIENTID}
      CLIENT_SSO_HOST: ${CLIENT_SSO_HOST}
      CLIENT_SSO_REALM: ${CLIENT_SSO_REALM}
      JWT_SSO_AUDIENCE: ${JWT_SSO_AUDIENCE}
      JWT_SSO_AUTHORITY: ${JWT_SSO_AUTHORITY}
    kind: Secret
    metadata:
      name: sso-configs
    type: Opaque
parameters:
  - description: OAuth Keycloak SSO public client ID, used by the frontend login
    displayName: CLIENT_SSO_CLIENTID
    name: CLIENT_SSO_CLIENTID
    required: true
    value: "clientid"
  - description: Keycloak SSO public client auth URL, used by the frontend login.  Eg, https://dev.oidc.gov.bc.ca/auth
    displayName: CLIENT_SSO_HOST
    name: CLIENT_SSO_HOST
    required: true
    value: "ssohost"
  - description: Keycloak SSO realm
    displayName: CLIENT_SSO_REALM
    name: CLIENT_SSO_REALM
    required: true
    value: "realm"
  - description: Keycloak SSO bearer client ID, used by the API server
    displayName: JWT_SSO_AUDIENCE
    name: JWT_SSO_AUDIENCE
    required: true
    value: "audience"
  - description: Keycloak SSO bearer authority, used by the API server.  Eg, https://dev.loginproxy.gov.bc.ca/auth/realms/<realm>
    displayName: JWT_SSO_AUTHORITY
    name: JWT_SSO_AUTHORITY
    required: true
    value: "auth"
  - description: Environment.  Eg, DEV, TEST, UAT, PROD
    displayName: ENV
    name: ENV
    required: true
    value: "dev"