Remove oidc and external_secret

charts/eck-resources/templates/kibana.yaml

@@ -11,26 +11,8 @@ spec:
   config:
     xpack.security.authc.selector.enabled: true
     xpack.security.authc.providers:
-      oidc.oidc1:
+      basic.basic1:
         order: 0
-        realm: "keycloak"
-{{- if and .Values.oidc .Values.oidc.existingSecret }}
-  {{- $secret := lookup "v1" "Secret" "monitoring" .Values.oidc.existingSecret }}
-  {{- if and $secret (hasKey $secret "data") }}
-    {{- $clientSecret := (hasKey $secret.data "clientSecret") | ternary ($secret.data.clientSecret | b64dec | quote) "\"\"" }}
-    xpack.security.authc.oidc.realms.keycloak:
-      order: 0
-      rp.client_id: "kibana"
-      rp.response_type: "code"
-      rp.redirect_uri: "https://{{ .Values.host }}/api/security/oidc/callback"
-      rp.post_logout_redirect_uri: "https://{{ .Values.host }}"
-      rp.client_secret: {{ $clientSecret }}
-      idp.metadata_url: "https://keycloak.dvirlabs.com/realms/{{ .Values.oidc.realm }}/.well-known/openid-configuration"
-      idp.entity_id: "https://keycloak.dvirlabs.com/realms/{{ .Values.oidc.realm }}"
-      claim_patterns.principal: "preferred_username"
-      claim_patterns.groups: "roles"
-  {{- end }}
-{{- end }}
   http:
     tls:
       selfSignedCertificate:

manifests/external-secrets/kibana/external-secret.yaml

@@ -1,18 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: kibana-oidc
-  namespace: monitoring
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: vault-oidc-clients
-    kind: ClusterSecretStore
-  target:
-    name: kibana-oidc-secret
-    creationPolicy: Owner
-  data:
-    - secretKey: clientSecret
-      remoteRef:
-        key: oidc-clients/kibana-oidc
-        property: client_secret