use newer containers and supply Hydra/OIDC variables to deployment
This commit is contained in:
parent
3991f9ac52
commit
a54e26c9c4
5 changed files with 22 additions and 8 deletions
|
@ -1,6 +1,6 @@
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: common
|
- name: common
|
||||||
repository: https://charts.bitnami.com/bitnami
|
repository: https://charts.bitnami.com/bitnami
|
||||||
version: 1.10.0
|
version: 1.10.4
|
||||||
digest: sha256:d6f283322d34efda54721ddd67aec935f1bea501c7b45dfbe89814aed21ae5dc
|
digest: sha256:e177cdcd71e67a1e64e95260c4b780374e1d66e85be405d5dc58459654e49ffa
|
||||||
generated: "2021-09-30T16:27:06.738339948+02:00"
|
generated: "2022-01-21T11:11:54.359313957+01:00"
|
||||||
|
|
|
@ -13,9 +13,10 @@ data:
|
||||||
SECRET_KEY: {{ .Values.backend.secretKey }}
|
SECRET_KEY: {{ .Values.backend.secretKey }}
|
||||||
FLASK_APP: app.py
|
FLASK_APP: app.py
|
||||||
FLASK_ENV: {{ .Values.backend.flaskEnv }}
|
FLASK_ENV: {{ .Values.backend.flaskEnv }}
|
||||||
# Probably needed in the future:
|
HYDRA_CLIENT_ID: {{ .Values.backend.oidc.clientId }}
|
||||||
# DASHBOARD_BACKEND_USERNAME: {{ .Values.backend.username | quote }}
|
HYDRA_AUTHORIZATION_BASE_URL: {{ .Values.backend.oidc.authorizationBaseUrl }}
|
||||||
# DASHBOARD_BACKEND_EMAIL: {{ .Values.backend.email | quote }}
|
TOKEN_URL: {{ .Values.backend.oidc.tokenUrl }}
|
||||||
|
|
||||||
# {{- if .Values.backend.smtp.enabled }}
|
# {{- if .Values.backend.smtp.enabled }}
|
||||||
# DASHBOARD_BACKEND_SMTP_HOST: {{ .Values.backend.smtp.host | quote }}
|
# DASHBOARD_BACKEND_SMTP_HOST: {{ .Values.backend.smtp.host | quote }}
|
||||||
# DASHBOARD_BACKEND_SMTP_PORT: {{ .Values.backend.smtp.port | quote }}
|
# DASHBOARD_BACKEND_SMTP_PORT: {{ .Values.backend.smtp.port | quote }}
|
||||||
|
|
|
@ -138,6 +138,11 @@ spec:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ include "backend.smtp.secretName" . }}
|
name: {{ include "backend.smtp.secretName" . }}
|
||||||
key: smtp-password
|
key: smtp-password
|
||||||
|
- name: HYDRA_CLIENT_SECRET
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ include "backend.secretName" . }}
|
||||||
|
key: oidc-client-secret
|
||||||
- name: KRATOS_URL
|
- name: KRATOS_URL
|
||||||
value: {{ .Values.backend.kratosUrl }}
|
value: {{ .Values.backend.kratosUrl }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
@ -20,4 +20,7 @@ data:
|
||||||
{{- if and (.Values.backend.smtp.password) (.Values.backend.smtp.enabled) (not .Values.backend.smtp.existingSecret) }}
|
{{- if and (.Values.backend.smtp.password) (.Values.backend.smtp.enabled) (not .Values.backend.smtp.existingSecret) }}
|
||||||
smtp-password: {{ .Values.backend.smtp.password | b64enc | quote }}
|
smtp-password: {{ .Values.backend.smtp.password | b64enc | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.backend.oidc.clientSecret }}
|
||||||
|
oidc-client-secret: {{ .Values.backend.oidc.clientSecret | b64enc | quote }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
@ -59,7 +59,7 @@ dashboard:
|
||||||
image:
|
image:
|
||||||
registry: open.greenhost.net:4567
|
registry: open.greenhost.net:4567
|
||||||
repository: stackspin/dashboard/dashboard
|
repository: stackspin/dashboard/dashboard
|
||||||
tag: 0-1-2
|
tag: 0-1-3
|
||||||
## Specify a imagePullPolicy
|
## Specify a imagePullPolicy
|
||||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||||
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
||||||
|
@ -232,7 +232,7 @@ backend:
|
||||||
image:
|
image:
|
||||||
registry: open.greenhost.net:4567
|
registry: open.greenhost.net:4567
|
||||||
repository: stackspin/dashboard-backend/dashboard-backend
|
repository: stackspin/dashboard-backend/dashboard-backend
|
||||||
tag: 0-1-2
|
tag: 0-1-3
|
||||||
## Specify a imagePullPolicy
|
## Specify a imagePullPolicy
|
||||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||||
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
||||||
|
@ -249,6 +249,11 @@ backend:
|
||||||
|
|
||||||
# URL to the Ory Kratos API
|
# URL to the Ory Kratos API
|
||||||
kratosUrl: http://127.0.0.1:8000
|
kratosUrl: http://127.0.0.1:8000
|
||||||
|
oidc:
|
||||||
|
clientId: dashboard
|
||||||
|
clientSecret: ReplaceWithSecret
|
||||||
|
authorizationBaseUrl: https://sso.stackspin.example.org/oauth2/auth
|
||||||
|
tokenUrl: https://sso.stackspin.example.org/oauth2/token
|
||||||
|
|
||||||
## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP
|
## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP
|
||||||
##
|
##
|
||||||
|
|
Loading…
Reference in a new issue