fix: unify dex config handling

charts/dex/base/kustomization.yaml

@@ -1,2 +1,8 @@
+generatorOptions:
+  disableNameSuffixHash: true
+secretGenerator:
+  - name: dex-config
+    files:
+      - config.yaml
 resources:
   - cluster.yaml

charts/dex/prod/config.yaml

@@ -1,138 +0,0 @@
-issuer: https://idp.srv.oceanbox.io/dex
-storage:
-  type: postgres
-  config:
-    host: prod-dexdb-rw
-    port: 5432
-    database: app
-    user: app
-    password: uJOKe2pvRwPm6BZYyJu0KVqcfbzeryRjFrTJZN26MxoIJHeuLZo6j06yb6T3fNzR
-    ssl:
-      mode: disable
-web:
-  http: 127.0.0.1:5556
-telemetry:
-  http: 127.0.0.1:5558
-grpc:
-  addr: 127.0.0.1:5557
-frontend:
-  dir: /srv/dex/web
-  issuer: oceanbox
-  extra:
-    client_logo_url: "../theme/client-logo.png"
-# enablePasswordDB: true
-# staticPasswords:
-#   - email: "admin@oceanbox.io"
-#     hash: "$2y$12$2AUaWnDEpHxsfFyRzTwx8e8WtJtnhGJOujPjP3BXVVCJe3c.k2PjC"
-#     username: "admin"
-#     userID: "9a15441c-4d66-4b26-a0f6-4e619535ee8f"
-oauth2:
-  responseTypes: [ "code" ]
-  skipApprovalScreen: true
-  alwaysShowLoginScreen: false
-connectors:
-- type: microsoft
-  id: oceanbox
-  name: oceanbox.io
-  config:
-    clientID: 43667ac0-37e1-422f-99fc-50a699bb255c
-    clientSecret: p1c8Q~H5LsnhUzVGhHxVzqompiC7949QpIqJrcNB
-    tenant: 3f737008-e9a0-4485-9d27-40329d288089
-    redirectURI: https://idp.srv.oceanbox.io/dex/callback
-    onlySecurityGroups: true
-    groups:
-      - atlantis
-- type: microsoft
-  id: salmar
-  name: salmar.no
-  config:
-    clientID: 3f6f1153-e5da-40eb-a2dd-ede6c7bf6058
-    clientSecret: rzC8Q~fc9ex6hBglFPAKCU4KJ1o82AQCQYdb~cI2
-    tenant: de10159d-2c09-4762-966c-e841d3391feb
-    redirectURI: https://idp.srv.oceanbox.io/dex/callback
-    onlySecurityGroups: true
-    groups:
-      - Azure-Grp-App-Cloud-Oceanbox
-- type: microsoft
-  id: aqua-kompetanse
-  name: aqua-kompetanse.no
-  config:
-    clientID: 9fd83910-1a21-4869-8a30-19fc32722ee2
-    clientSecret: Uer8Q~8LKuDNQVt1vHaMVXAzKSLssvVduH.2HcNC
-    tenant: 6cd538cc-6cba-463f-9d22-1e0eda9695e3
-    redirectURI: https://idp.srv.oceanbox.io/dex/callback
-    onlySecurityGroups: true
-    groups:
-      - Oceanbox
-- type: oidc
-  id: keycloak
-  name: default
-  config:
-    issuer: https://auth.srv.oceanbox.io/realms/oceanbox
-    clientID: dex
-    clientSecret: 9c9LAMh7feQRNgHGYaUiASuZBd0JpQC4
-    redirectURI: https://idp.srv.oceanbox.io/dex/callback
-    promptType: login
-staticClients:
-  - id: atlantis
-    redirectURIs:
-      - 'https://maps.oceanbox.io/signin-oidc'
-      - 'https://maps.srv.oceanbox.io/signin-oidc'
-      - 'https://maps.relic.oceanbox.io/signin-oidc'
-    name: 'Atlantis'
-    secret: KOJ6bDHzE5vdyfSrzgwLjtM5PzA809Zm
-  - id: atlantis_dev
-    redirectURIs:
-      - 'https://atlantis.beta.oceanbox.io/signin-oidc'
-      - 'https://jonas-tilt-atlantis.beta.oceanbox.io/signin-oidc'
-      - 'https://stig-tilt-atlantis.beta.oceanbox.io/signin-oidc'
-      - 'https://simkir-tilt-atlantis.beta.oceanbox.io/signin-oidc'
-      - 'https://atlantis.local.oceanbox.io:8080/signin-oidc'
-    name: 'Atlantis dev'
-    secret: 3QjfSPmAemjn34XVA2o1fvoS7I4gKvOR
-  - id: petimeter
-    redirectURIs:
-      - 'https://petimeter.srv.oceanbox.io/signin-oidc'
-    name: 'Petimeter dev'
-    secret: kkrKo3mmmseMnorf9qw3eklefkoOKFNs
-  - id: petimeter_dev
-    redirectURIs:
-      - 'https://petimeter.beta.oceanbox.io/signin-oidc'
-      - 'https://jonas-tilt-petimeter.beta.oceanbox.io/signin-oidc'
-      - 'https://stig-tilt-petimeter.beta.oceanbox.io/signin-oidc'
-      - 'https://simkir-tilt-petimeter.beta.oceanbox.io/signin-oidc'
-      - 'https://petimeter.local.oceanbox.io:8080/signin-oidc'
-    name: 'Petimeter dev'
-    secret: kfngKJF9EKVBnnvgkdmPfs0qw3rmjslk
-  - id: sorcerer
-    redirectURIs:
-      - 'https://sorcerer.ekman.oceanbox.io/signin-oidc'
-      - 'https://sorcerer.hpc.oceanbox.io/signin-oidc'
-    name: 'Sorcerer'
-    secret: sIUXxSQLaTJiLCQ9AqBhmEbAL9lubHGB
-  - id: sorcerer_dev
-    redirectURIs:
-      - 'https://dev.sorcerer.ekman.oceanbox.io/signin-oidc'
-      - 'https://sorcerer.ekman.oceanbox.io/signin-oidc'
-      - 'https://sorcerer.hpc.oceanbox.io/signin-oidc'
-      - 'https://jonas-tilt-sorcerer.ekman.oceanbox.io/signin-oidc'
-      - 'https://simkir-tilt-sorcerer.ekman.oceanbox.io/signin-oidc'
-      - 'https://s.local.oceanbox.io:11080/signin-oidc'
-      - 'https://sorcerer.local.oceanbox.io:11080/signin-oidc'
-    name: 'Sorcerer dev'
-    secret: cyrgDr1UzhQrJn8nRVqEt9BJ9mLk3OBy
-  - id: archmeister
-    redirectURIs:
-      - 'https://archmeister.srv.oceanbox.io/signin-oidc'
-    name: 'Archmeister'
-    secret: ieK3yak9zoh3yeewee8quahY6seiv7Ro
-  - id: archmeister_dev
-    redirectURIs:
-      - 'https://archmeister.beta.oceanbox.io/signin-oidc'
-      - 'https://jonas-archmeister.beta.oceanbox.io/signin-oidc'
-      - 'https://simkir-archmeister.beta.oceanbox.io/signin-oidc'
-      - 'https://r.local.oceanbox.io:11080/signin-oidc'
-      - 'https://archmeister.local.oceanbox.io:9080/signin-oidc'
-    name: 'Archmeister dev'
-    secret: Dae1eekeedeuKaoCiesh1Jei6aishe8I
-

charts/dex/prod/kustomization.yaml

@@ -1,9 +1,5 @@
 namePrefix: prod-
-generatorOptions:
-  disableNameSuffixHash: true
-secretGenerator:
-  - name: dex-config
-    files:
-      - config.yaml
 resources:
   - ../base
+components:
+  - ../config

charts/dex/staging/kustomization.yaml

@@ -1,10 +1,4 @@
 namePrefix: staging-
-generatorOptions:
-  disableNameSuffixHash: true
-secretGenerator:
-  - name: dex-config
-    files:
-      - config.yaml
 patches:
   - target:
       group: postgresql.cnpg.io
@@ -12,4 +6,5 @@ patches:
       kind: Cluster
     path: cluster_patch.yaml
 resources:
+  - ../
   - ../base