djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "supervisor-oidc: create dynamic config in YTT templates"

Browse Source 
This reverts commit 006d96ab92.
This commit is contained in:
Ryan Richard 2020-10-06 13:35:05 -07:00
parent 14f1d86833
commit 78cc49d658
3 changed files with 1 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
deploy-supervisor/deployment.yaml
View File

@ -30,29 +30,6 @@ data:
names: names:
dynamicConfigMap: (@= data.values.app_name + "-dynamic-config" @) dynamicConfigMap: (@= data.values.app_name + "-dynamic-config" @)
--- ---
apiVersion: v1
kind: ConfigMap
metadata:
name: #@ data.values.app_name + "-dynamic-config"
namespace: #@ data.values.namespace
labels:
app: #@ data.values.app_name
data:
issuer: #@ data.values.issuer_url
---
apiVersion: v1
kind: ConfigMap
metadata:
name: #@ data.values.app_name + "-static-config"
namespace: #@ data.values.namespace
labels:
app: #@ data.values.app_name
data:
#@yaml/text-templated-strings
pinniped.yaml: |
names:
dynamicConfigMap: (@= data.values.app_name + "-dynamic-config" @)
---
#@ if data.values.image_pull_dockerconfigjson and data.values.image_pull_dockerconfigjson != "": #@ if data.values.image_pull_dockerconfigjson and data.values.image_pull_dockerconfigjson != "":
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret

6
deploy-supervisor/values.yaml
View File

@ -20,9 +20,3 @@ image_tag: latest
#! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]' #! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'
#! Optional. #! Optional.
image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}} image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}
#! Specifies the base URL used in the endpoint fields (e.g., authorization_endpoint, jwks_url, etc.)
#! of the OpenID Provider Metadata, as well as the value of the iss JWT claim that will be used by
#! this OIDC provider. Per the OIDC Discovery spec, this URL must use the HTTPS scheme. See
#! https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3.
issuer_url: #! e.g., https://auth.my-org.com

6
hack/prepare-for-integration-tests.sh
View File

@ -177,16 +177,12 @@ kubectl create secret generic "$test_username" \
# #
# Deploy the Pinniped Supervisor # Deploy the Pinniped Supervisor
# #
issuer_url=https://todo.what-should-this-be
pushd deploy-supervisor >/dev/null pushd deploy-supervisor >/dev/null
log_note "Deploying the Pinniped Supervisor app to the cluster..." log_note "Deploying the Pinniped Supervisor app to the cluster..."
ytt --file . \ ytt --file . \
--data-value "image_repo=$registry_repo" \ --data-value "image_repo=$registry_repo" \
--data-value "image_tag=$tag" \ --data-value "image_tag=$tag" >"$manifest"
--data-value "issuer_url=$issuer_url" \
>"$manifest"
kapp deploy --yes --app "pinniped-supervisor" --diff-changes --file "$manifest" kapp deploy --yes --app "pinniped-supervisor" --diff-changes --file "$manifest"