feat(k8s): use secret as shared source for admin private key

internal/integration/kubernetes/keyset.go

@@ -0,0 +1,41 @@
+package kubernetes
+
+import (
+	"bytes"
+	"crypto"
+	"crypto/sha256"
+	"fmt"
+	"slices"
+
+	"forge.cadoles.com/cadoles/bouncer/internal/jwk"
+	"github.com/pkg/errors"
+)
+
+func getKeySetThumbprint(set jwk.Set) (string, error) {
+	data := make([][]byte, 0, set.Len())
+
+	for i := 0; i < set.Len(); i++ {
+		key, exists := set.Key(i)
+		if !exists {
+			continue
+		}
+
+		thumbprint, err := key.Thumbprint(crypto.SHA256)
+		if err != nil {
+			return "", errors.WithStack(err)
+		}
+
+		data = append(data, thumbprint)
+	}
+
+	slices.SortFunc(data, bytes.Compare)
+
+	hash := sha256.New()
+	for _, d := range data {
+		if _, err := hash.Write(d); err != nil {
+			return "", errors.WithStack(err)
+		}
+	}
+
+	return fmt.Sprintf("%x", hash.Sum(nil)), nil
+}