feat(oauth): add to env

2026-03-22 06:57:47 +01:00 · 2025-10-21 22:08:00 +02:00
parent 2b640fc6ac
commit 91a32b2f10
6 changed files with 31 additions and 2 deletions
--- a/.github/workflows/deploy-prod.yaml
+++ b/.github/workflows/deploy-prod.yaml
@@ -85,6 +85,8 @@ jobs:
          BANKID_CLIENT_SECRET: ${{ secrets.BANKID_CLIENT_SECRET }}
          MOJEID_CLIENT_ID: ${{ secrets.MOJEID_CLIENT_ID }}
          MOJEID_CLIENT_SECRET: ${{ secrets.MOJEID_CLIENT_SECRET }}
          CSAS_CLIENT_ID: ${{ secrets.CSAS_CLIENT_ID }}
          CSAS_CLIENT_SECRET: ${{ secrets.CSAS_CLIENT_SECRET }}
          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
        run: |
          helm upgrade --install myapp ./7project/charts/myapp-chart \
@@ -102,4 +104,6 @@ jobs:
            --set-string oauth.bankid.clientSecret="$BANKID_CLIENT_SECRET" \
            --set-string oauth.mojeid.clientId="$MOJEID_CLIENT_ID" \
            --set-string oauth.mojeid.clientSecret="$MOJEID_CLIENT_SECRET" \
            --set-string oauth.csas.clientId="$CSAS_CLIENT_ID" \
            --set-string oauth.csas.clientSecret="$CSAS_CLIENT_SECRET" \
            --set-string sentry_dsn="$SENTRY_DSN" \
--- a/7project/backend/app/api/csas.py
+++ b/7project/backend/app/api/csas.py
@@ -12,8 +12,8 @@ from app.services.user_service import current_active_user
 router = APIRouter(prefix="/auth/csas", tags=["csas"])
-CLIENT_ID = "95082b91-ae16-4033-b850-c04d66274331"
+CLIENT_ID = os.getenv("CSAS_CLIENT_ID")
-CLIENT_SECRET = "175cf6ce-9ebe-435a-8a63-13b226663032"
+CLIENT_SECRET = os.getenv("CSAS_CLIENT_SECRET")
 CSAS_OAUTH = CSASOAuth(CLIENT_ID, CLIENT_SECRET)
--- a/7project/charts/myapp-chart/templates/app-deployment.yaml
+++ b/7project/charts/myapp-chart/templates/app-deployment.yaml
@@ -78,6 +78,16 @@ spec:
                secretKeyRef:
                  name: prod
                  key: BANKID_CLIENT_SECRET
            - name: CSAS_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: CSAS_CLIENT_ID
            - name: CSAS_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: CSAS_CLIENT_SECRET
            - name: DOMAIN
              value: {{ required "Set .Values.domain" .Values.domain | quote }}
            - name: DOMAIN_SCHEME
--- a/7project/charts/myapp-chart/templates/prod.yaml
+++ b/7project/charts/myapp-chart/templates/prod.yaml
@@ -8,6 +8,8 @@ stringData:
  MOJEID_CLIENT_SECRET: {{ .Values.oauth.mojeid.clientSecret | quote }}
  BANKID_CLIENT_ID: {{ .Values.oauth.bankid.clientId | quote }}
  BANKID_CLIENT_SECRET: {{ .Values.oauth.bankid.clientSecret | quote }}
  CSAS_CLIENT_ID: {{ .Values.oauth.csas.clientId | quote }}
  CSAS_CLIENT_SECRET: {{ .Values.oauth.csas.clientSecret | quote }}
  # Database credentials
  MARIADB_DB: {{ required "Set .Values.deployment" .Values.deployment | quote }}
  MARIADB_USER: {{ required "Set .Values.deployment" .Values.deployment | quote }}
--- a/7project/charts/myapp-chart/templates/worker-deployment.yaml
+++ b/7project/charts/myapp-chart/templates/worker-deployment.yaml
@@ -70,3 +70,13 @@ spec:
                secretKeyRef:
                  name: prod
                  key: SENTRY_DSN
            - name: CSAS_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: CSAS_CLIENT_ID
            - name: CSAS_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: CSAS_CLIENT_SECRET
--- a/7project/charts/myapp-chart/values.yaml
+++ b/7project/charts/myapp-chart/values.yaml
@@ -46,6 +46,9 @@ oauth:
  mojeid:
    clientId: ""
    clientSecret: ""
  csas:
    clientId: ""
    clientSecret: ""
 rabbitmq:
  create: true