poc-core-deploy

No description

Smarty 55.1%
Python 33.2%
Shell 11.7%

Find a file

Patrick Sy a32c062091 feat: token enrichment poc		2026-05-21 16:43:58 +02:00
apisix/manifests	fix: added kcp apisixupstream to apisix manifests	2026-05-06 11:06:45 +02:00
app-chart	feat: token enrichment poc	2026-05-21 16:43:58 +02:00
argocd	chore: bumped edge-connect portal	2026-05-19 19:50:14 +02:00
database-chart	refactor: moved zitadel pat secret store out of database into separate app	2026-04-20 17:20:48 +02:00
docs/guides	feat: added controllers	2026-04-20 11:48:30 +02:00
edge-connect/manifests	feat: added authn and authz for tenant cm inside kcp	2026-05-15 11:46:40 +02:00
edge-connect-kcp-controllers-tenant/manifests	feat: added authn and authz for tenant cm inside kcp	2026-05-15 11:46:40 +02:00
example	feat: added more example orgs	2026-05-19 19:48:24 +02:00
kcp/base	feat: added kcp:orgs target to argo	2026-05-15 11:58:03 +02:00
kcp-admin-kubeconfig/manifests	feat: added authn and authz for tenant cm inside kcp	2026-05-15 11:46:40 +02:00
kcp-controllers-workspaces	chore: renamed workspace	2026-05-15 10:40:08 +02:00
kcp-controllers-workspaces-bootstrap	feat: added selfsubject review for authenticated users into contreollers worksapace	2026-05-15 16:02:39 +02:00
kcp-workspaces	feat: added kcp workspaces	2026-05-07 10:32:10 +02:00
opa	fix: updated namespace in kustumization	2026-04-16 10:57:21 +02:00
zitadel-admin-pat	feat: added iam-admin secret	2026-04-24 17:30:54 +02:00
zitadel-controller-manager/manifests	feat: added zitadel user controller	2026-05-12 11:47:08 +02:00
.gitignore	feat: added zitadel user controller	2026-05-12 11:47:08 +02:00
apisix-values-dev.yaml	fix: added tls route	2026-04-27 10:09:50 +02:00
create-user.sh	added create-user.sh	2026-05-06 12:53:51 +02:00
edge-connect-frontend-values-dev.yaml	Update edge-connect-frontend (#2 )	2026-05-08 14:33:07 +00:00
kcp-values-dev.yaml	feat: exporting virtual workspace url	2026-05-07 18:07:11 +02:00
README.md	feat: added guide to create clusteradmin kubeconfig	2026-04-20 10:18:48 +02:00
tenant-cm-tenant-controller-apibinding-values-dev.yaml	fix: improved vlaues files	2026-05-15 15:46:22 +02:00
tenant-cm-tenant-controller-apiexport-values-dev.yaml	fix: improved vlaues files	2026-05-15 15:46:22 +02:00
tenant-cm-tenantpolicy-controller-apiexport-values-dev.yaml	fix: improved vlaues files	2026-05-15 15:46:22 +02:00
tenant-controller-values-dev.yaml	fix: secret naming	2026-05-15 11:49:38 +02:00
zitadel-bootstrap-values-dev.yaml	feat: token enrichment poc	2026-05-21 16:43:58 +02:00
zitadel-database-values-dev.yaml	refactor: moved zitadel pat secret store out of database into separate app	2026-04-20 17:20:48 +02:00
zitadel-ssoconfig-controller-values-dev.yaml	chore: bumped zitadel controller	2026-05-19 18:18:46 +02:00
zitadel-user-controller-values-dev.yaml	chore: bumped zitadel controller	2026-05-19 18:18:46 +02:00
zitadel-values-dev.yaml	fix: enabling webhooks for bootstrapping	2026-04-29 15:37:19 +02:00

README.md

Retrieve KCP Clusteradmin cert

Wait until certificate generate from kcp/base/clusteradmin.yaml is deployed then execute

export KCP_EXTERNAL_HOSTNAME=kcp.dev.t09.de
export KCP_PORT=6443
kubectl get secret -n core-kcp-dev kcp-dev-front-proxy-cert -o=jsonpath='{.data.tls\.crt}' | base64 -d > ca.crt
kubectl get secret -n core-kcp-dev cluster-admin-client-cert -o=jsonpath='{.data.tls\.crt}' | base64 -d > client.crt
kubectl get secret -n core-kcp-dev cluster-admin-client-cert -o=jsonpath='{.data.tls\.key}' | base64 -d > client.key
chmod 600 client.crt client.key
kubectl --kubeconfig=admin.kubeconfig config set-cluster base --server https://$KCP_EXTERNAL_HOSTNAME:$KCP_PORT --certificate-authority=ca.crt
kubectl --kubeconfig=admin.kubeconfig config set-cluster root --server https://$KCP_EXTERNAL_HOSTNAME:$KCP_PORT/clusters/root --certificate-authority=ca.crt
kubectl --kubeconfig=admin.kubeconfig config set-credentials kcp-admin --client-certificate=client.crt --client-key=client.key
kubectl --kubeconfig=admin.kubeconfig config set-context base --cluster=base --user=kcp-admin
kubectl --kubeconfig=admin.kubeconfig config set-context root --cluster=root --user=kcp-admin
kubectl --kubeconfig=admin.kubeconfig config use-context root
rm ca.crt client.crt client.key