From a181eb956ef9c044c821641fcf1aff4de83e281d Mon Sep 17 00:00:00 2001
From: Yury Kovalev <ykovalev@redhat.com>
Date: Wed, 22 Oct 2025 12:57:41 +0200
Subject: [PATCH] Add additional prod RHSSO issuer to fix auth issues on
 integration

---
 .secrets.baseline                             | 20 +++++++++----------
 .../central/pkg/environments/integration.go   |  2 ++
 internal/central/pkg/environments/stage.go    |  4 ----
 templates/service-template.yml                |  1 +
 4 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/.secrets.baseline b/.secrets.baseline
index 8ce6886f70..d4b73105a5 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -296,63 +296,63 @@
         "filename": "templates/service-template.yml",
         "hashed_secret": "13032f402fed753c2248419ea4f69f99931f6dbc",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "30025f80f6e22cdafb85db387d50f90ea884576a",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "355f24fd038bcaf85617abdcaa64af51ed19bbcf",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "3d8a1dcd2c3c765ce35c9a9552d23273cc4ddace",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "4ac7b0522761eba972467942cd5cd7499dd2c361",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "7639ab2a6bcf2ea30a055a99468c9cd844d4c22a",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "b56360daf4793d2a74991a972b34d95bc00fb2da",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Base64 High Entropy String",
         "filename": "templates/service-template.yml",
         "hashed_secret": "c9a73ef9ee8ce9f38437227801c70bcc6740d1a1",
         "is_verified": false,
-        "line_number": 459
+        "line_number": 460
       },
       {
         "type": "Secret Keyword",
         "filename": "templates/service-template.yml",
         "hashed_secret": "4e199b4a1c40b497a95fcd1cd896351733849949",
         "is_verified": false,
-        "line_number": 642,
+        "line_number": 643,
         "is_secret": false
       }
     ],
@@ -382,5 +382,5 @@
       }
     ]
   },
-  "generated_at": "2025-10-21T17:55:55Z"
+  "generated_at": "2025-10-22T10:56:01Z"
 }
diff --git a/internal/central/pkg/environments/integration.go b/internal/central/pkg/environments/integration.go
index 052f460351..40c22729cf 100644
--- a/internal/central/pkg/environments/integration.go
+++ b/internal/central/pkg/environments/integration.go
@@ -42,6 +42,8 @@ func (b IntegrationEnvLoader) Defaults() map[string]string {
 		"enable-deletion-of-expired-central": "true",
 		"dataplane-cluster-scaling-type":     "auto", // need to set this to 'auto' for integration environment as some tests rely on this
 		"fleetshard-authz-config-file":       "config/fleetshard-authz-development.yaml",
+		"enable-additional-sso-issuers":      "true",
+		"additional-sso-issuers-file":        "config/additional-sso-issuers.yaml",
 	}
 }
 
diff --git a/internal/central/pkg/environments/stage.go b/internal/central/pkg/environments/stage.go
index 0353a21c4c..81592d4416 100644
--- a/internal/central/pkg/environments/stage.go
+++ b/internal/central/pkg/environments/stage.go
@@ -12,10 +12,6 @@ func NewStageEnvLoader() environments.EnvLoader {
 		"max-allowed-instances":          "1",
 		"enable-central-external-domain": "true",
 		"cluster-compute-machine-type":   "m5.2xlarge",
-		"enable-additional-sso-issuers":  "true",
-		"additional-sso-issuers-file":    "config/additional-sso-issuers.yaml",
-		"jwks-file":                      "config/jwks-file-static.json",
-		"fleetshard-authz-config-file":   "config/fleetshard-authz-development.yaml",
 		"admin-authz-config-file":        "config/admin-authz-roles-dev.yaml",
 	}
 }
diff --git a/templates/service-template.yml b/templates/service-template.yml
index 1837d6bb3b..69ecee84fc 100644
--- a/templates/service-template.yml
+++ b/templates/service-template.yml
@@ -388,6 +388,7 @@ objects:
     data:
       additional-sso-issuers.yaml: |-
         - https://sso.stage.redhat.com/auth/realms/redhat-external
+        - https://sso.redhat.com/auth/realms/redhat-external
   - kind: ConfigMap
     apiVersion: v1
     metadata: