oc-auth k8s integration

2024-12-16 14:50:39 +01:00
parent 11bdecd80d
commit 5e1503f0bc
6 changed files with 110 additions and 52 deletions
--- a/opencloud/templates/oc-auth/deployment.yaml
+++ b/opencloud/templates/oc-auth/deployment.yaml
@@ -26,46 +26,17 @@ spec:
      containers:
      - image: "{{ .Values.ocAuth.image }}"
        name: oc-auth
+        command: ["tail", "-f", "/dev/null"]
        volumeMounts:
          - name: public-key-volume
-            mountPath: /keys/public
+            mountPath: /keys/public/public.pem
            subPath: public.pem
          - name: private-key-volume
-            mountPath: /keys/private
+            mountPath: /keys/private/private.pem
            subPath: private.pem
-        env:
-        - name: OCAUTH_ADMIN_ROLE
-          value: "{{ .Values.ocAuth.hydra }}"
-        - name: OCAUTH_PUBLIC_KEY_PATH
-          value: /keys/public/public.pem
-        - name: OCAUTH_PRIVATE_KEY_PATH
-          value: /keys/private/private.pem
-        - name: OCAUTH_CLIENT_SECRET
-          value: "{{ .Values.ocAuth.hydra.openCloudOauth2ClientSecretName }}"
-        - name: OCAUTH_AUTH
-          value: "{{ .Values.ocAuth.authType }}"
-        - name: OCAUTH_AUTH_CONNECTOR_HOST
-          value: "{{ .Release.Name }}.hydra-admin.{{ .Release.Namespace }}"
-        - name: OCAUTH_AUTH_CONNECTOR_PORT
-          value: 4444
-        - name: OCAUTH_AUTH_CONNECTOR_ADMIN_PORT
-          value: 4445
-        - name: OCAUTH_PERMISSION_CONNECTOR_HOST
-          value: "{{ .Release.Name }}.keto-write.{{ .Release.Namespace }}"
-        - name: OCAUTH_PERMISSION_CONNECTOR_PORT
-          value: 80
-        - name: OCAUTH_PERMISSION_CONNECTOR_ADMIN_PORT
-          value: 80
-        - name: OCAUTH_LDAP_ENDPOINTS
-          value: "{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local:389"
-        - name: OCAUTH_LDAP_BINDDN
-          value: "{{ index .Values.ocAuth.ldap.bindDn }}"
-        - name: OCAUTH_LDAP_BINDPW
-          value: "{{ index .Values.ocAuth.ldap.binPwd }}"
-        - name: OCAUTH_LDAP_BASEDN
-          value: "{{ index .Values.ocAuth.ldap.baseDn }}"
-        - name: OCAUTH_LDAP_ROLE_BASEDN
-          value: "{{ index .Values.ocAuth.ldap.roleBaseDn }}"
+        envFrom:
+        - configMapRef:
+            name: opencloud-config
        ports:
          - name: http
            containerPort: 80