add traefik oauth forward

deployment/authZ/deployment.yaml

@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/instance: gh-authz
+    app.kubernetes.io/name: gh-authz
+  annotations:
+    argocd.argoproj.io/sync-wave: "1"
+    argocd.argoproj.io/hook: Synce
+  name: gh-authz
+  namespace: generations-heritage
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: gh-authz
+      app.kubernetes.io/name: gh-authz
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: gh-authz
+        app.kubernetes.io/name: gh-authz
+    spec:
+      containers:
+        - image: vcscsvcscs/gheritage-auth-service:latest
+          imagePullPolicy: Always
+          name: gh-authz
+          ports:
+          - containerPort: 443
+            name: gin
+          securityContext:
+            runAsUser: 0
+          resources:
+            limits:
+              cpu: 250m
+              memory: 200Mi
+            requests:
+              cpu: 100m
+              memory: 50Mi
+          volumeMounts:
+            - name: gh-authz-certs
+              mountPath: /etc/gh-authz/ssl
+            - name: zitadel-service-account
+              mountPath: /etc/gh-authz/zitadel
+      volumes:
+      - name: gh-authz-certs
+        secret:
+          secretName: gh-authz-tls
+      - name: zitadel-service-account
+        secret:
+          secretName: zitadel-service-account