feat(authelia): add app for evaluation

apps/authelia/overlays/system/config.json

@@ -0,0 +1,11 @@
+{
+  "appName": "authelia",
+  "userGivenName": "authelia",
+  "destNamespace": "authelia-system",
+  "destServer": "https://kubernetes.default.svc",
+  "srcPath": "apps/authelia/overlays/system",
+  "srcRepoURL": "ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git",
+  "srcTargetRevision": "",
+  "labels": null,
+  "annotations": null
+}

apps/authelia/overlays/system/kustomization.yaml

@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../base
+
+generators:
+  - ./secret-generator.yaml

apps/authelia/overlays/system/secret-generator.yaml

@@ -0,0 +1,14 @@
+apiVersion: viaduct.ai/v1
+kind: ksops
+metadata:
+  # Specify a name
+  name: authelia-secret-generator
+  annotations:
+    config.kubernetes.io/function: |
+      exec:
+        # if the binary is in your PATH, you can do
+        path: ksops
+        # otherwise, path should be relative to manifest files, like
+        # path: ../../../ksops
+files:
+  - ./secret.enc.yaml

apps/authelia/overlays/system/secret.enc.yaml

@@ -0,0 +1,34 @@
+# Source: authelia/templates/secret.yaml
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+    name: authelia
+    labels:
+        app.kubernetes.io/name: authelia
+        app.kubernetes.io/version: 4.38.16
+data:
+    identity_validation.reset_password.jwt.hmac.key: ENC[AES256_GCM,data:nd+F68f3PyWMKAw3tgRO7mtmiNaJVtRHmGbeUSbAZniOXRItXrJuB4GVaIttYI0B+EUet3poAwFrw2SybBBGKHVHF5OzOFh+fKoNlAwIa5Br8jO/49d722jxiL2sWPqJgJLY+M9mnvtWRBgTXWOIabAP8ZCadZyyAyKm0JITBhaDvUz6aqkQyhMtS5HcHtEHWtIX6cx9K9DLpl4VN9eCvwOFnUzQuIG1JuuogQ==,iv:pcKUgmWZ8j7XGn0DDvTXgVpIRaHYmiT83M0Lfeu6gMI=,tag:r5zmcWOHNthRdxOEDxNhQg==,type:str]
+    session.encryption.key: ENC[AES256_GCM,data:2HYKCXdVMwhDW0yByFuizMp0DGM81sPHEzjKrtmIqof1F5/izpDN6i/Vh46hBlgsiiAqcALFmfAZXR7KCtksMaIv/plViFvCoYIfprwyboYY2jMhm1zHSe9wTpi+PGX/0pO6OunLIoeECcXlbXG2xyY2nYBxbrowNzbgE/cMNTgENhKn+UdEgwUGYF2X7xyz4G661nYg8rbz70PfO3D6ymsemDxVcX0a4YsNow==,iv:w3MU/BIdNnfatBQPSOS6mMmXReA/nVYmZa3nZ5HZsoY=,tag:x+j5TchnmjXegTuhTEJCTw==,type:str]
+    storage.encryption.key: ENC[AES256_GCM,data:M9rgJx3clzISUr26zR2AQvVISqnCtugid3AEo1p0UlsKrkpWKF5qbqYxbvP7wiuuOx51fw08jwDKIgow6H2WFwSqIN2ZmUUPXKewxoseSqU5YFCKebgJ4GA6RQKIGfjJSwQ/qhw9OCTkPTD7HQxPJhV5YNXqrhDQDEvlFRzvq4YoZTBHek5PWfvVeuijMH4sPDSvQMz7j7QDdD07GVH94DhWfdWWTe+bIIX6fA==,iv:MojUB+hWex47aFl4gzndLDKpKj074ZC86/q+hKp9/vM=,tag:IfIFb5BT8kRtu8Rc0wo7vw==,type:str]
+    storage.postgres.password.txt: ENC[AES256_GCM,data:oLikQ+m2gJVf5h3bD+qCszQ8p/46PiCdzw3THXyanOQymDfsldsUMxngtfp5s3pm2zZrup0huDHJ0aiFkmijqNIg7YH8y+mHezGpNcnlBMBoyPiWJIDjpb+3cmQlUPNNw/JvPI7tkRtOkr4XZF+V77fqgHLaTxmgjXFfZ+CHiIobFHs/Cvk+hjRlnmka8GzyNAGSjB73bfCHXMymKAiASzISb1iZ7ca6I5aleA==,iv:w5EzV3NjRGY3E4dbcGYEkF48252Zy5/g6PPeop0AW7Q=,tag:wHWPOfFKDWWWFguSONSm3Q==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1y26vr5qt6th3wu92rnsgkqcpxxah3pqkqa4khcjjycm3kg40aqyqjgfzx9
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOOC9CT1VwYmRISnFqd2xw
+            WG1ONG9qKzdQMUVQVkNybmJnOFhJYXZsZTNnCnUzMUwvTTBmbW5kRXRPVDMyM1hi
+            YjNxb1g2eHUxZk5aamE0Uy9CY2RPS2MKLS0tIGptOGNLU0xZREkyUkVXVkFvajdD
+            THk3d2h2bGtSaDRBSm5xejlNL0Y5TmcKgsYivnUfBodeXlRkStB/vJ41oaVZi7iE
+            OhGGmsTD0xNJYypTjlwl+e7qXClcC7mt1Lgg9mUCMVUvdT7RwJJobw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-10-09T19:27:37Z"
+    mac: ENC[AES256_GCM,data:zhimwhlc3IOChp3Ydwm9SneOw24hoqK4bswkG5Bq5mXNfX7UQjv072U6OuY44ynkaULfkh+o8cif9IkYEcel8rPHD/neFZ+GRjhL6SVXl2+//1iSBtUM2a8QKJIWn9zxlqZyVFhq77oyf9PKKIgSQN3KU8RDCc+j6desThOzXbU=,iv:D6Pg7b1Tz+Vzzyc7PXR2U4WOxnBzgMqfWAJLoifwKUQ=,tag:s3qRNhlL4Y2bo2FoXh+oxQ==,type:str]
+    pgp: []
+    encrypted_regex: ^(data|stringData)$
+    version: 3.9.1