feat(auth): replace ingress basicAuth with app login

kustomize/overlays/staging/frontend-auth-patch.yaml

@@ -10,3 +10,25 @@ spec:
           env:
             - name: BASIC_AUTH_MODE
               value: "off"
+            - name: AUTH_MODE
+              value: "session"
+            - name: HTPASSWD_FILE
+              value: "/auth/users"
+            - name: AUTH_SESSION_SECRET_FILE
+              value: "/auth/session-secret"
+          volumeMounts:
+            - name: auth-users
+              mountPath: /auth/users
+              subPath: users
+              readOnly: true
+            - name: auth-session
+              mountPath: /auth/session-secret
+              subPath: secret
+              readOnly: true
+      volumes:
+        - name: auth-users
+          secret:
+            secretName: trade-basic-auth
+        - name: auth-session
+          secret:
+            secretName: trade-session-secret

kustomize/overlays/staging/frontend-ingress.yaml

@@ -5,7 +5,6 @@ metadata:
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-prod
     traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.middlewares: trade-staging-trade-basic-auth@kubernetescrd
 spec:
   ingressClassName: traefik
   tls:

kustomize/overlays/staging/kustomization.yaml

@@ -6,7 +6,6 @@ namespace: trade-staging
 resources:
   - ../../base
   - pgadmin.yaml
-  - trade-basic-auth-middleware.yaml
   - frontend-ingress.yaml
 
 patchesStrategicMerge:

kustomize/overlays/staging/trade-basic-auth-middleware.yaml

@@ -1,10 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: trade-basic-auth
-spec:
-  basicAuth:
-    secret: trade-basic-auth
-    realm: trade
-    headerField: X-Trade-User
-    removeHeader: true