From cd71691e8429591cdd5596d886609ffd9490aa96 Mon Sep 17 00:00:00 2001
From: Maurice Faber <maurice.faber@redkubes.com>
Date: Fri, 27 Aug 2021 20:47:06 +0200
Subject: [PATCH] fix: keycloak idp.clientID value now generated

---
 src/cmd/bootstrap.ts        | 4 ++--
 values-schema.yaml          | 1 +
 values/gitea/gitea.gotmpl   | 2 +-
 values/jobs/keycloak.gotmpl | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/cmd/bootstrap.ts b/src/cmd/bootstrap.ts
index 68f6da5d5a..94108113bc 100644
--- a/src/cmd/bootstrap.ts
+++ b/src/cmd/bootstrap.ts
@@ -185,9 +185,9 @@ export const bootstrapValues = async (): Promise<void> => {
   if (isChart()) {
     const vals = await hfValues()
 
-    await nothrow($`kubectl create secret generic otomi-passwords --from-literal='admin'='${vals.otomi.adminPassword}'`)
+    await nothrow($`kubectl create secret generic otomi-password --from-literal='admin'='${vals.otomi.adminPassword}'`)
     debug.log(
-      'A kubernetes secret has been created under the `otomi` namespace called `otomi-password` which contains all the generated passwords.',
+      'A kubernetes secret has been created in the `default` namespace called `otomi-password` which contains the `otomi.adminPassword`. You should know what to do with it ;)',
     )
     await mapValuesObjectIntoFiles(values)
   }
diff --git a/values-schema.yaml b/values-schema.yaml
index 609193e7c6..0f6a650d20 100644
--- a/values-schema.yaml
+++ b/values-schema.yaml
@@ -1499,6 +1499,7 @@ properties:
                 type: string
               clientID:
                 type: string
+                x-secret: '"otomi"'
               clientSecret:
                 type: string
                 x-secret: 'randAlpha 20'
diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl
index dc23d8122d..c8f72bd0b1 100644
--- a/values/gitea/gitea.gotmpl
+++ b/values/gitea/gitea.gotmpl
@@ -73,7 +73,7 @@ gitea:
       prometheusSelector: system
   oauth:
     enabled: true
-    name: {{ $hasKeycloak | ternary $k.idp.alias "otomi" }}
+    name: {{ $hasKeycloak | ternary ($k | get "idp.alias" "otomi") "otomi" }}
     provider: openidConnect
     key: {{ $hasKeycloak | ternary $k.idp.clientID $o.clientID }}
     secret: {{ $hasKeycloak | ternary $k.idp.clientSecret $o.clientSecret }}
diff --git a/values/jobs/keycloak.gotmpl b/values/jobs/keycloak.gotmpl
index 43f0ac8bfc..c02a02f6f2 100644
--- a/values/jobs/keycloak.gotmpl
+++ b/values/jobs/keycloak.gotmpl
@@ -42,7 +42,7 @@ nativeSecrets:
   KEYCLOAK_ADDRESS: https://keycloak.{{ $v.cluster.domainSuffix }}
   KEYCLOAK_ADMIN: {{ $k | get "admin.username" "admin" }}
   KEYCLOAK_ADMIN_PASSWORD: {{ $k | get "adminPassword" $v.otomi.adminPassword }}
-  KEYCLOAK_CLIENT_ID: {{ $k | get "idp.clientID" "otomi" }}
+  KEYCLOAK_CLIENT_ID: {{ $k.idp.clientID }}
   KEYCLOAK_CLIENT_SECRET: {{ $k.idp.clientSecret }}
   IDP_ALIAS: {{ $k | get "idp.alias" "otomi-idp" }}
   IDP_USERNAME_CLAIM_MAPPER: {{ $v | get "oidc.usernameClaimMapper" "${CLAIM.upn}" }}