From 187005d44190f57835476024e9981fe431bdbe14 Mon Sep 17 00:00:00 2001
From: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
Date: Mon, 3 Jun 2024 15:05:20 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7(helm)=20preprod=20configuration?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add the preprod configuration to the helm chart.
---
 src/helm/env.d/preprod/secrets.enc.yaml       |   1 +
 .../env.d/preprod/values.desk.yaml.gotmpl     | 104 ++++++++++++++++++
 src/helm/helmfile.yaml                        |   6 +-
 3 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 src/helm/env.d/preprod/secrets.enc.yaml
 create mode 100644 src/helm/env.d/preprod/values.desk.yaml.gotmpl

diff --git a/src/helm/env.d/preprod/secrets.enc.yaml b/src/helm/env.d/preprod/secrets.enc.yaml
new file mode 100644
index 0000000..7aac534
--- /dev/null
+++ b/src/helm/env.d/preprod/secrets.enc.yaml
@@ -0,0 +1 @@
+../../../../secrets/numerique-gouv/people/env/preprod/secrets.enc.yaml
\ No newline at end of file
diff --git a/src/helm/env.d/preprod/values.desk.yaml.gotmpl b/src/helm/env.d/preprod/values.desk.yaml.gotmpl
new file mode 100644
index 0000000..c671bf8
--- /dev/null
+++ b/src/helm/env.d/preprod/values.desk.yaml.gotmpl
@@ -0,0 +1,104 @@
+image:
+  repository: lasuite/people-backend
+  pullPolicy: Always
+  tag: "main"
+
+backend:
+  migrateJobAnnotations:
+    argocd.argoproj.io/hook: PreSync
+    argocd.argoproj.io/hook-delete-policy: HookSucceeded
+  envVars:
+    DJANGO_CSRF_TRUSTED_ORIGINS: https://desk-preprod.beta.numerique.gouv.fr
+    DJANGO_CONFIGURATION: Production
+    DJANGO_ALLOWED_HOSTS: "*"
+    DJANGO_SECRET_KEY:
+      secretKeyRef:
+        name: backend
+        key: DJANGO_SECRET_KEY
+    DJANGO_SETTINGS_MODULE: people.settings
+    DJANGO_SUPERUSER_PASSWORD:
+      secretKeyRef:
+        name: backend
+        key: DJANGO_SUPERUSER_PASSWORD
+    DJANGO_EMAIL_HOST: "snap-mail.numerique.gouv.fr"
+    DJANGO_EMAIL_PORT: 465
+    DJANGO_EMAIL_USE_SSL: True
+    DJANGO_SILENCED_SYSTEM_CHECKS: security.W008,security.W004
+    OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
+    OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
+    OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
+    OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
+    OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end
+    OIDC_RP_CLIENT_ID:
+      secretKeyRef:
+        name: backend
+        key: OIDC_RP_CLIENT_ID
+    OIDC_RP_CLIENT_SECRET:
+      secretKeyRef:
+        name: backend
+        key: OIDC_RP_CLIENT_SECRET
+    OIDC_RP_SIGN_ALGO: RS256
+    OIDC_RP_SCOPES: "openid email"
+    OIDC_REDIRECT_ALLOWED_HOSTS: https://desk-preprod.beta.numerique.gouv.fr
+    OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
+    LOGIN_REDIRECT_URL: https://desk-preprod.beta.numerique.gouv.fr
+    LOGIN_REDIRECT_URL_FAILURE: https://desk-preprod.beta.numerique.gouv.fr
+    LOGOUT_REDIRECT_URL: https://desk-preprod.beta.numerique.gouv.fr
+    DB_HOST:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: host
+    DB_NAME:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: database
+    DB_USER:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: username
+    DB_PASSWORD:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: password
+    DB_PORT:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: port
+    POSTGRES_USER:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: username
+    POSTGRES_DB:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: database
+    POSTGRES_PASSWORD:
+      secretKeyRef:
+        name: postgresql.postgres.libre.sh
+        key: password
+    REDIS_URL:
+      secretKeyRef:
+        name: redis.redis.libre.sh
+        key: url
+
+frontend:
+  image:
+    repository: lasuite/people-frontend
+    pullPolicy: Always
+    tag: "main"
+
+ingress:
+  enabled: true
+  host: desk-preprod.beta.numerique.gouv.fr
+  className: nginx
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+
+ingressAdmin:
+  enabled: true
+  host: desk-preprod.beta.numerique.gouv.fr
+  className: nginx
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/start
+    nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/auth
diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml
index 71685dc..46cf881 100644
--- a/src/helm/helmfile.yaml
+++ b/src/helm/helmfile.yaml
@@ -55,4 +55,8 @@ environments:
       - version: 0.0.1
     secrets:
       - env.d/{{ .Environment.Name }}/secrets.enc.yaml
-
+  preprod:
+    values:
+      - version: 0.0.1
+    secrets:
+      - env.d/{{ .Environment.Name }}/secrets.enc.yaml