From 14b53204b62ec4c8d1c864b4c8564d1060106980 Mon Sep 17 00:00:00 2001 From: sfdevops Date: Thu, 17 Oct 2024 08:02:43 +0530 Subject: [PATCH] cognito related changes updated --- .../templates/authentication-service-deployment.yaml | 5 +++++ .../auth0/templates/secret-provider-class-and-sa.yaml | 8 +++++++- .../bridge/tenant-helm-chart/auth0/values.yaml.template | 3 ++- files/tenant-samples/bridge/terraform/data.tf | 1 + 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml b/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml index 99442569..a04c99e0 100644 --- a/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml +++ b/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/authentication-service-deployment.yaml @@ -159,6 +159,11 @@ spec: secretKeyRef: name: api-token key: JWT_ISSUER + - name: AUTH0_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: api-token + key: AUTH0_CLIENT_SECRET {{- if .Values.imagePullSecret.enabled }} imagePullSecrets: - name: {{ .Values.imagePullSecret.name }} diff --git a/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml b/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml index 5e80fe71..2cdefeff 100644 --- a/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml +++ b/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/secret-provider-class-and-sa.yaml @@ -50,6 +50,7 @@ spec: - objectName: video_confrencing_service_db_database key: VIDEO_CONFRENCING_SERVICE_DB_DATABASE - objectName: notification_service_db_database + key: NOTIFICATION_SERVICE_DB_DATABASE - objectName: vonage-api-key-secret key: VONAGE_API_KEY_SECRET - objectName: pubnub-pub-key 
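Review bot: The Auth0 client secret reaches the container as a plain environment variable in the added `AUTH0_CLIENT_SECRET` entry, so every process in the container and any diagnostic that dumps the environment can read it. If the service can read the value from the Secrets Store CSI mount instead, the extra copy in the `api-token` Secret is no longer needed either. If the env var has to stay, document it above the entry, e.g. `# client secret synced from SSM via the SecretProviderClass; do not log the process environment`. The container spec and env list start outside this hunk, so whether a CSI volume is mounted on this pod cannot be confirmed from here.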
@@ -58,6 +59,8 @@ spec: key: PUBNUB_SUB_KEY - objectName: pubnub-secret-key key: PUBNUB_SECRET_KEY + - objectName: auth0-client-secret + key: AUTH0_CLIENT_SECRET parameters: # region: us-west-2 objects: | @@ -114,4 +117,7 @@ spec: objectAlias: pubnub-sub-key - objectName: {{ .Values.pubnubSecretKey }} objectType: ssmparameter - objectAlias: pubnub-secret-key \ No newline at end of file + objectAlias: pubnub-secret-key + - objectName: {{ .Values.auth0ClientSecret }} + objectType: ssmparameter + objectAlias: auth0-client-secret \ No newline at end of file diff --git a/files/tenant-samples/bridge/tenant-helm-chart/auth0/values.yaml.template b/files/tenant-samples/bridge/tenant-helm-chart/auth0/values.yaml.template index c1fb17c1..29a3532d 100644 --- a/files/tenant-samples/bridge/tenant-helm-chart/auth0/values.yaml.template +++ b/files/tenant-samples/bridge/tenant-helm-chart/auth0/values.yaml.template @@ -369,4 +369,5 @@ videoconfrencingdbdatabase: ${VIDEO_CONFRENCING_DATABASE} vonageSecret: /pubnub/vonage-api-key-secret pubnubPubKey: /pubnub/public-key pubnubSubKey: /pubnub/subscribe-key -pubnubSecretKey: /pubnub/secret-key \ No newline at end of file +pubnubSecretKey: /pubnub/secret-key +auth0ClientSecret: /sf-arc-saas/dev/auth0-client-secret \ No newline at end of file diff --git a/files/tenant-samples/bridge/terraform/data.tf b/files/tenant-samples/bridge/terraform/data.tf index 0e0f78e7..73db10ca 100644 --- a/files/tenant-samples/bridge/terraform/data.tf +++ b/files/tenant-samples/bridge/terraform/data.tf @@ -94,6 +94,7 @@ data "aws_iam_policy_document" "ssm_policy" { ] resources = ["arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/${var.namespace}/${var.environment}/${var.tenant_tier}/*", "arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/pubnub/*", + "arn:aws:ssm:${var.region}:${local.sts_caller_arn}:parameter/${var.namespace}/${var.environment}/auth0-client-secret", "arn:aws:cognito-idp:${var.region}:${local.sts_caller_arn}:*"] } }
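Review bot: `objectName: {{ .Values.auth0ClientSecret }}` renders an empty `objectName:` when the value is unset, and that presumably surfaces only later, as a volume mount failure on the pod. Failing at render time is cheaper: `- objectName: {{ required "auth0ClientSecret must be set" .Values.auth0ClientSecret | quote }}`. The neighbouring pubnub entries use the same bare form, so they could get the same treatment. The `objects: |` block this entry belongs to starts outside the hunk.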
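Review bot: `auth0ClientSecret: /sf-arc-saas/dev/auth0-client-secret` hard-codes a namespace and the `dev` environment in a template whose other values are substituted (`${VIDEO_CONFRENCING_DATABASE}` appears in the hunk header). The IAM statement this commit adds in `data.tf` grants `parameter/${var.namespace}/${var.environment}/auth0-client-secret`, so for any other namespace or environment the path rendered here is not one the role may read. A non-dev deployment that was given access anyway would be running on the dev client secret. Build the path from the same inputs, e.g. `auth0ClientSecret: /${NAMESPACE}/${ENVIRONMENT}/auth0-client-secret`, where the two names are placeholders for whatever variables the template renderer actually supplies.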
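Review bot: The added ARN `parameter/${var.namespace}/${var.environment}/auth0-client-secret` sits one level above the `${var.tenant_tier}/*` prefix in the first entry, so presumably every role built from `ssm_policy` in an environment can read the same client secret. If the Auth0 application is meant to be scoped more narrowly, store the parameter under the existing tier prefix and drop this line. If sharing is intended, record it next to the entry, e.g. `# shared Auth0 client secret: one value per environment, readable by all tenant roles`. The statement's `actions` list is outside the hunk. If the parameter is a SecureString under a customer-managed KMS key, the role also needs decrypt permission on that key, which cannot be checked from this page.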