From bc61de4a802d4b720e014841b4c0cbd5b5faeb51 Mon Sep 17 00:00:00 2001
From: Sheen Capadngan <sheen@symph.co>
Date: Sat, 20 May 2023 23:15:36 +0800
Subject: [PATCH] add provider auth secret to kubernetes and docker yaml

---
 helm-charts/infisical/templates/backend-deployment.yaml | 1 +
 helm-charts/infisical/values.yaml                       | 2 ++
 render.yaml                                             | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/helm-charts/infisical/templates/backend-deployment.yaml b/helm-charts/infisical/templates/backend-deployment.yaml
index 79743901..5646d368 100644
--- a/helm-charts/infisical/templates/backend-deployment.yaml
+++ b/helm-charts/infisical/templates/backend-deployment.yaml
@@ -82,6 +82,7 @@ stringData:
                             "JWT_AUTH_SECRET" (randAlphaNum 32 | lower)
                             "JWT_SERVICE_SECRET" (randAlphaNum 32 | lower)
                             "JWT_MFA_SECRET" (randAlphaNum 32 | lower)
+                            "JWT_PROVIDER_AUTH_SECRET" (randAlphaNum 32 | lower)
                             "MONGO_URL" (include "infisical.mongodb.connectionString" .) }}
   {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace (include "infisical.backend.fullname" .)) | default dict }}
   {{- $secretData := (get $secretObj "data") | default dict }}
diff --git a/helm-charts/infisical/values.yaml b/helm-charts/infisical/values.yaml
index 392c9b3b..a65f5922 100644
--- a/helm-charts/infisical/values.yaml
+++ b/helm-charts/infisical/values.yaml
@@ -131,6 +131,7 @@ backendEnvironmentVariables:
   ## @param backendEnvironmentVariables.JWT_AUTH_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057))</br><kbd>auto-generated</kbd> variable (if not provided, and not found in an existing secret)
   ## @param backendEnvironmentVariables.JWT_SERVICE_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057))</br><kbd>auto-generated</kbd> variable (if not provided, and not found in an existing secret)
   ## @param backendEnvironmentVariables.JWT_MFA_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057))</br><kbd>auto-generated</kbd> variable (if not provided, and not found in an existing secret)
+  ## @param backendEnvironmentVariables.JWT_PROVIDER_AUTH_SECRET **Required** Secrets to sign JWT OAuth tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057))</br><kbd>auto-generated</kbd> variable (if not provided, and not found in an existing secret)
   ## Command to generate the required value (linux) : 'hexdump -vn16 -e'4/4 "%08X" 1 "\n"' /dev/urandom', 'openssl rand -hex 16'
   ##
   JWT_SIGNUP_SECRET: ""
@@ -138,6 +139,7 @@ backendEnvironmentVariables:
   JWT_AUTH_SECRET: ""
   JWT_SERVICE_SECRET: ""
   JWT_MFA_SECRET: ""
+  JWT_PROVIDER_AUTH_SECRET: ""
   ## @param backendEnvironmentVariables.SMTP_HOST **Required** Hostname to connect to for establishing SMTP connections
   ## @param backendEnvironmentVariables.SMTP_PORT Port to connect to for establishing SMTP connections
   ## @param backendEnvironmentVariables.SMTP_SECURE If true, use TLS when connecting to host. If false, TLS will be used if STARTTLS is supported
diff --git a/render.yaml b/render.yaml
index d73c9e59..82a92b46 100644
--- a/render.yaml
+++ b/render.yaml
@@ -17,6 +17,8 @@ services:
         generateValue: true
       - key: JWT_AUTH_SECRET
         generateValue: true
+      - key: JWT_PROVIDER_AUTH_SECRET
+        generateValue: true
       - key: MONGO_URL
         sync: false
       - key: PORT