From 4b40fe0964cdd77532b2e0541a9a9a8f4dcc775e Mon Sep 17 00:00:00 2001
From: Alex Lokshin <alokshin@chanzuckerberg.com>
Date: Wed, 6 Nov 2024 11:55:25 -0500
Subject: [PATCH] feat: SSO secret helm chart

---
 sso-secret/Chart.yaml            |  9 +++++++++
 sso-secret/templates/secret.yaml | 19 +++++++++++++++++++
 sso-secret/values.yaml           |  3 +++
 3 files changed, 31 insertions(+)
 create mode 100644 sso-secret/Chart.yaml
 create mode 100644 sso-secret/templates/secret.yaml
 create mode 100644 sso-secret/values.yaml

diff --git a/sso-secret/Chart.yaml b/sso-secret/Chart.yaml
new file mode 100644
index 0000000..35d9232
--- /dev/null
+++ b/sso-secret/Chart.yaml
@@ -0,0 +1,9 @@
+apiVersion: v2
+name: sso-secret
+description: A Helm chart to create an SSO secret
+
+type: application
+
+version: 0.0.1
+
+appVersion: "0.0.1"
diff --git a/sso-secret/templates/secret.yaml b/sso-secret/templates/secret.yaml
new file mode 100644
index 0000000..bfef2c9
--- /dev/null
+++ b/sso-secret/templates/secret.yaml
@@ -0,0 +1,19 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: {{ .Values.secretName }}
+spec:
+  refreshInterval: 1m
+  secretStoreRef:
+    name: aws-secretsmanager
+    kind: ClusterSecretStore
+  target:
+    name: {{ .Values.secretName }}
+    creationPolicy: Owner
+  data:
+  - secretKey: client-id
+    remoteRef:
+      key: {{ .Values.clusterName }}/{{ .Values.applicationName }}/oauth/client-id
+  - secretKey: client-secret
+    remoteRef:
+      key: {{ .Values.clusterName }}/{{ .Values.applicationName }}/oauth/client-secret
\ No newline at end of file
diff --git a/sso-secret/values.yaml b/sso-secret/values.yaml
new file mode 100644
index 0000000..b85325e
--- /dev/null
+++ b/sso-secret/values.yaml
@@ -0,0 +1,3 @@
+clusterName: my-cluster
+secretName: my-sso-secret
+applicationName: my-app
\ No newline at end of file