Skip to content

Commit

Permalink
Update oidc configuration in helm (#693)
Browse files Browse the repository at this point in the history
  • Loading branch information
acelinkio authored Nov 27, 2024
1 parent b79ab3c commit 7d1f227
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 33 deletions.
42 changes: 21 additions & 21 deletions chart/templates/back/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -127,31 +127,31 @@ spec:
secretKeyRef:
key: {{ .Values.global.meilisearch.kyoo_back.masterkeyKey }}
name: {{ .Values.global.meilisearch.kyoo_back.existingSecret }}
{{- if .Values.kyoo.oidc.enabled }}
- name: OIDC_SERVICE_NAME
value: {{ .Values.kyoo.oidc.name | quote }}
- name: OIDC_SERVICE_LOGO
value: {{ .Values.kyoo.oidc.logo | quote }}
- name: OIDC_SERVICE_CLIENTID
{{- range $index, $provider := .Values.kyoo.oidc_providers }}
- name: OIDC_{{ $provider.name | upper }}_NAME
value: {{ $provider.name | quote }}
- name: OIDC_{{ $provider.name | upper }}_LOGO
value: {{ $provider.logo | quote }}
- name: OIDC_{{ $provider.name | upper }}_CLIENTID
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.oidc.clientIdKey }}
name: {{ .Values.kyoo.oidc.existingSecret }}
- name: OIDC_SERVICE_SECRET
key: {{ $provider.clientIdKey }}
name: {{ $provider.existingSecret }}
- name: OIDC_{{ $provider.name | upper }}_SECRET
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.oidc.clientSecretKey }}
name: {{ .Values.kyoo.oidc.existingSecret }}
- name: OIDC_SERVICE_AUTHORIZATION
value: {{ .Values.kyoo.oidc.authorizationAddress | quote }}
- name: OIDC_SERVICE_TOKEN
value: {{ .Values.kyoo.oidc.tokenAddress | quote }}
- name: OIDC_SERVICE_PROFILE
value: {{ .Values.kyoo.oidc.profileAddress | quote }}
- name: OIDC_SERVICE_SCOPE
value: {{ .Values.kyoo.oidc.scope | quote }}
- name: OIDC_SERVICE_AUTHMETHOD
value: {{ .Values.kyoo.oidc.authMethod | quote }}
key: {{ $provider.clientSecretKey }}
name: {{ $provider.existingSecret }}
- name: OIDC_{{ $provider.name | upper }}_AUTHORIZATION
value: {{ $provider.authorizationAddress | quote }}
- name: OIDC_{{ $provider.name | upper }}_TOKEN
value: {{ $provider.tokenAddress | quote }}
- name: OIDC_{{ $provider.name | upper }}_PROFILE
value: {{ $provider.profileAddress | quote }}
- name: OIDC_{{ $provider.name | upper }}_SCOPE
value: {{ $provider.scope | quote }}
- name: OIDC_{{ $provider.name | upper }}_AUTHMETHOD
value: {{ $provider.authMethod | default "ClientSecretBasic" | quote }}
{{- end }}
{{- with (concat .Values.global.extraEnv .Values.back.kyoo_back.extraEnv) }}
{{- toYaml . | nindent 12 }}
Expand Down
25 changes: 13 additions & 12 deletions chart/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -121,18 +121,19 @@ kyoo:
apikey:
existingSecret: bigsecret
apikeyKey: kyoo_apikeys
oidc:
enabled: false
existingSecret: bigsecret
clientIdKey: clientId
clientSecretKey: clientSecret
name: YourPrettyName
logo: https://url-of-your-logo.com
authorizationAddress: https://url-of-the-authorization-endpoint-of-the-oidc-service.com/auth
tokenAddress: https://url-of-the-token-endpoint-of-the-oidc-service.com/token
profileAddress: https://url-of-the-profile-endpoint-of-the-oidc-service.com/userinfo
scope: "email openid profile"
authMethod: ClientSecretBasic
# oidc_providers is a list of oidc providers that you want to use for authentication.
# see the example below for how to configure an oidc provider.
oidc_providers: []
# - name: example
# existingSecret: bigsecret
# clientIdKey: clientId
# clientSecretKey: clientSecret
# logo: https://url-of-your-logo.com
# authorizationAddress: https://url-of-the-authorization-endpoint-of-the-oidc-service.com/auth
# tokenAddress: https://url-of-the-token-endpoint-of-the-oidc-service.com/token
# profileAddress: https://url-of-the-profile-endpoint-of-the-oidc-service.com/userinfo
# scope: "email openid profile"
# authMethod: ClientSecretBasic

# configures workloads that require access to media
media:
Expand Down

0 comments on commit 7d1f227

Please sign in to comment.