diff --git a/hacks/values/oathkeeper.yaml b/hacks/values/oathkeeper.yaml index a899e3f3a..5cb86d55b 100644 --- a/hacks/values/oathkeeper.yaml +++ b/hacks/values/oathkeeper.yaml @@ -23,9 +23,7 @@ ingress: name: myservice port: number: 80 - annotations: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: "true" + annotations: {} api: enabled: true priorityClassName: "system-cluster-critical" diff --git a/helm/charts/oathkeeper/README.md b/helm/charts/oathkeeper/README.md index d1ed8d22d..6c88cc742 100644 --- a/helm/charts/oathkeeper/README.md +++ b/helm/charts/oathkeeper/README.md @@ -83,6 +83,7 @@ A Helm chart for deploying ORY Oathkeeper in Kubernetes | nameOverride | string | `""` | Chart name override | | oathkeeper.accessRules | string | `""` | If set, uses the given access rules. | | oathkeeper.config | object | `{"access_rules":{"repositories":["file:///etc/rules/access-rules.json"]},"serve":{"api":{"port":4456},"prometheus":{"port":9000},"proxy":{"port":4455}}}` | The ORY Oathkeeper configuration. For a full list of available settings, check: https://github.com/ory/oathkeeper/blob/master/docs/config.yaml | +| oathkeeper.helmTemplatedConfigEnabled | bool | `false` | Runs the `tpl` function on the config object. Warrning! This may break configuration settings that use go templates, like https://github.com/ory/k8s/issues/707 | | oathkeeper.managedAccessRules | bool | `true` | If you enable maester, the following value should be set to "false" to avoid overwriting the rules generated by the CDRs. Additionally, the value "accessRules" shouldn't be used as it will have no effect once "managedAccessRules" is disabled. | | oathkeeper.mutatorIdTokenJWKs | string | `""` | If set, uses the given JSON Web Key Set as the signing key for the ID Token Mutator. Requires secret.enabled to be set `true`. | | pdb.enabled | bool | `false` | | diff --git a/helm/charts/oathkeeper/charts/oathkeeper-maester-0.49.0.tgz b/helm/charts/oathkeeper/charts/oathkeeper-maester-0.49.0.tgz index f190e8202..823099ec9 100644 Binary files a/helm/charts/oathkeeper/charts/oathkeeper-maester-0.49.0.tgz and b/helm/charts/oathkeeper/charts/oathkeeper-maester-0.49.0.tgz differ diff --git a/helm/charts/oathkeeper/templates/_helpers.tpl b/helm/charts/oathkeeper/templates/_helpers.tpl index 36fea2b84..c019bfbe5 100644 --- a/helm/charts/oathkeeper/templates/_helpers.tpl +++ b/helm/charts/oathkeeper/templates/_helpers.tpl @@ -30,7 +30,11 @@ Generate the configmap data, redacting secrets */}} {{- define "oathkeeper.configmap" -}} {{- $config := .Values.oathkeeper.config -}} +{{- if .Values.oathkeeper.helmTemplatedConfigEnabled -}} {{- tpl (toYaml $config) . -}} +{{- else -}} +{{- toYaml $config -}} +{{- end -}} {{- end -}} {{/* diff --git a/helm/charts/oathkeeper/values.yaml b/helm/charts/oathkeeper/values.yaml index a53baa82d..2c2603325 100644 --- a/helm/charts/oathkeeper/values.yaml +++ b/helm/charts/oathkeeper/values.yaml @@ -182,6 +182,9 @@ ingress: ## -- Configure ORY Oathkeeper itself oathkeeper: + # -- Runs the `tpl` function on the config object. + # Warrning! This may break configuration settings that use go templates, like https://github.com/ory/k8s/issues/707 + helmTemplatedConfigEnabled: false # -- The ORY Oathkeeper configuration. For a full list of available settings, check: # https://github.com/ory/oathkeeper/blob/master/docs/config.yaml config: