diff --git a/deployment/helmchart/templates/job-initialize-user.yaml b/deployment/helmchart/templates/job-initialize-user.yaml new file mode 100644 index 0000000..6e1c13d --- /dev/null +++ b/deployment/helmchart/templates/job-initialize-user.yaml @@ -0,0 +1,53 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "common.names.fullname" . }}-initialize-user + labels: {{- include "common.labels.standard" . | nindent 4 }} + component: dashboard + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + template: + metadata: + labels: {{- include "common.labels.standard" . | nindent 8 }} + component: dashboard + spec: + restartPolicy: Never + containers: + - name: {{ .Chart.Name }}-login-create-admin + image: {{ template "backend.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + envFrom: + - configMapRef: + name: {{ include "common.names.fullname" . }} + {{- if .Values.backend.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.backend.extraEnvVarsCM }} + {{- end }} + {{- if .Values.backend.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.backend.extraEnvVarsSecret }} + {{- end }} + env: + - name: SETUP_EMAIL + value: {{ .Values.backend.initialUser.email }} + - name: SETUP_PASSWORD + value: {{ .Values.backend.initialUser.password }} + command: ["/bin/bash", "-c"] + args: + - flask db upgrade; + {{- if .Release.IsInstall }} + flask cli user create $SETUP_EMAIL; + flask cli user setpassword $SETUP_EMAIL $SETUP_PASSWORD; + flask cli app create dashboard Dashboard; + flask cli user setrole $SETUP_EMAIL dashboard admin; + {{- end }} + diff --git a/deployment/helmchart/values-local.yaml.example b/deployment/helmchart/values-local.yaml.example index 86a80a3..2ab9d69 100644 --- a/deployment/helmchart/values-local.yaml.example +++ b/deployment/helmchart/values-local.yaml.example @@ -1,17 +1,38 @@ # Values you will likely want to override. See values.yaml for their meanings dashboard: - host: dashboard.oas.example.com + host: dashboard.stackspin.example.com backend: secretKey: My random secret key + # OIDC connection details + # + # oidc: + # clientSecret: ReplaceWithSecret + # baseUrl: https://sso.stackspin.example.org + # authorizationBaseUrl: https://sso.stackspin.example.org/oauth2/auth + # tokenUrl: https://sso.stackspin.example.org/oauth2/token + + # Where to find the Kratos public url + kratos: + publicUrl: https://sso.stackspin.example.org/kratos + + # Public URL of login panel + loginPanelUrl: https://dashboard.stackspin.example.org/web/ + + # Database connection + # databaseUrl: mysql+pymysql://stackspin:password@single-sign-on-database-mariadb/stackspin + + initialUser: + email: admin@example.com + # password: Set a pasword for the initial user! ingress: enabled: true - hostname: dashboard.oas.example.com + hostname: dashboard.stackspin.example.com # Get certificates with cert-manager certManager: true tls: - hosts: - - dashboard.oas.example.com - secretName: oas-dashboard + - dashboard.stackspin.example.com + secretName: stackspin-dashboard diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index ba3a83c..ea70829 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -271,6 +271,10 @@ backend: loginPanelUrl: https://dashboard.stackspin.example.org/web/ databaseUrl: mysql+pymysql://stackspin:stackspin@single-sign-on-database-mariadb/stackspin + initialUser: + email: admin@example.com + # password: Set a pasword for the initial user! + ## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP ## service: