fix: separate dex staging/prod configs

charts/dex/base/config.yaml

@@ -1,14 +1,14 @@
 issuer: https://idp.oceanbox.io/dex
-storage:
+# storage:
-  type: postgres
+#   type: postgres
-  config:
+#   config:
-    host: dexdb-rw
+#     host: dexdb-rw
-    port: 5432
+#     port: 5432
-    database: app
+#     database: app
-    user: app
+#     user: app
-    password: e8Musi4IppwPDkSpfhjYBhNQEQtL2nEUl9LCL6X1cqDCxtW8UQko4wW0uiyU4myx
+#     password: e8Musi4IppwPDkSpfhjYBhNQEQtL2nEUl9LCL6X1cqDCxtW8UQko4wW0uiyU4myx
-    ssl:
+#     ssl:
-      mode: disable
+#       mode: disable
 web:
   http: 127.0.0.1:5556
 telemetry:

charts/dex/manifests/config.yaml

@@ -1,14 +1,25 @@
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
   name: dex-config
   namespace: argocd
 spec:
-  project: atlantis
+  generators:
-  destination:
+  - list:
-    server: https://kubernetes.default.svc
+      elements:
-    namespace: idp
+      - cluster: https://kubernetes.default.svc
-  sources:
+        env: prod
-  - repoURL: https://gitlab.com/oceanbox/manifests.git
+      - cluster: https://kubernetes.default.svc
-    targetRevision: dev
+        env: staging
-    path: charts/dex/config
+  template:
+    metadata:
+      name: '{{ env }}-dex-config'
+    spec:
+      project: atlantis
+      destination:
+        server: https://kubernetes.default.svc
+        namespace: idp
+      sources:
+      - repoURL: https://gitlab.com/oceanbox/manifests.git
+        targetRevision: dev
+        path: 'charts/dex/{{ env }}'

charts/dex/prod/config.yaml

@@ -0,0 +1,10 @@
+storage:
+  type: postgres
+  config:
+    host: dexdb-rw
+    port: 5432
+    database: prod
+    user: dex
+    password: e8Musi4IppwPDkSpfhjYBhNQEQtL2nEUl9LCL6X1cqDCxtW8UQko4wW0uiyU4myx
+    ssl:
+      mode: disable

charts/dex/prod/kustomization.yaml

@@ -0,0 +1,7 @@
+# namePrefix: staging-
+generatorOptions:
+  disableNameSuffixHash: true
+secretGenerator:
+  - name: dex-config
+    files:
+      - config.yaml

charts/dex/resources/dexdb-cluster.yaml

@@ -8,12 +8,10 @@ spec:
   enableSuperuserAccess: true
   instances: 2
   logLevel: info
-  # bootstrap:
+  bootstrap:
-  #   initdb:
+    initdb:
-  #     database: archivistdb
+      database: prod
-  #     owner: archivist
+      owner: dex
-  #     secret:
-  #       name: archivistdb-secret
   storage:
     pvcTemplate:
       accessModes:
@@ -25,26 +23,6 @@ spec:
       volumeMode: Filesystem
     resizeInUseVolumes: true
     size: 1Gi
-  # superuserSecret:
-  #   name: dexdb-secret
-# ---
-# apiVersion: v1
-# data:
-#   # phei2beiRei0
-#   password: cGhlaTJiZWlSZWkwCg==
-#   username: YXJjaGl2aXN0Cg==
-# kind: Secret
-# metadata:
-#   name: archivistdb-secret
-# type: kubernetes.io/basic-auth
-# ---
-# apiVersion: v1
-# data:
-#   password: ZW4gdG8gdHJlIGZpcmUK
-# kind: Secret
-# metadata:
-#   name: dexdb-secret
-# type: kubernetes.io/basic-auth
 ---
 apiVersion: v1
 kind: Service

charts/dex/staging/config.yaml

@@ -0,0 +1,10 @@
+storage:
+  type: postgres
+  config:
+    host: dexdb-rw
+    port: 5432
+    database: staging
+    user: dex
+    password: e8Musi4IppwPDkSpfhjYBhNQEQtL2nEUl9LCL6X1cqDCxtW8UQko4wW0uiyU4myx
+    ssl:
+      mode: disable

charts/dex/staging/kustomization.yaml

@@ -0,0 +1,7 @@
+# namePrefix: staging-
+generatorOptions:
+  disableNameSuffixHash: true
+secretGenerator:
+  - name: dex-config
+    files:
+      - config.yaml