fix ssh key for git sync

helm/monitoring/oauth2-proxy-alertmanager.yaml

@@ -1,22 +1,16 @@
-hostAliases:
-- ip: "13.140.150.2"
-  hostnames:
-    - "keycloak.idir-belfares.fr"
-
 config:
   existingSecret: oauth2-proxy-alertmanager
-  cookie_secure: false
+  cookie_secure: true
-  reverse_proxy: true
   set_xauthrequest: true
   cookie_samesite: "lax"
-  redirect_url: http://alertmanager.idir-belfares.fr/oauth2/callback
+  redirect_url: https://alertmanager.idir-belfares.fr/oauth2/callback
 
 extraArgs:
   provider: oidc
   skip-oidc-discovery: "true"
-  login-url: "http://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth"
+  login-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth"
   redeem-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/token"
-  oidc-issuer-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps"
+  oidc-issuer-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps"
   oidc-jwks-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/certs"
   email-domain: "*"
   insecure-oidc-allow-unverified-email: "true"
@@ -25,6 +19,12 @@ extraArgs:
 ingress:
   enabled: true
   className: nginx
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - alertmanager.idir-belfares.fr
+  tls:
+    - secretName: alertmanager-tls
       hosts:
         - alertmanager.idir-belfares.fr
   path: /

helm/monitoring/oauth2-proxy-prometheus.yaml

@@ -1,22 +1,16 @@
-hostAliases:
-- ip: "13.140.150.2"
-  hostnames:
-    - "keycloak.idir-belfares.fr"
-
 config:
   existingSecret: oauth2-proxy-prometheus
-  cookie_secure: false
+  cookie_secure: true
-  reverse_proxy: true
   set_xauthrequest: true
   cookie_samesite: "lax"
-  redirect_url: http://prometheus.idir-belfares.fr/oauth2/callback
+  redirect_url: https://prometheus.idir-belfares.fr/oauth2/callback
 
 extraArgs:
   provider: oidc
   skip-oidc-discovery: "true"
-  login-url: "http://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth"
+  login-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth"
   redeem-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/token"
-  oidc-issuer-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps"
+  oidc-issuer-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps"
   oidc-jwks-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/certs"
   email-domain: "*"
   insecure-oidc-allow-unverified-email: "true"
@@ -25,6 +19,12 @@ extraArgs:
 ingress:
   enabled: true
   className: nginx
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - prometheus.idir-belfares.fr
+  tls:
+    - secretName: prometheus-tls
       hosts:
         - prometheus.idir-belfares.fr
   path: /