feat: Switch authentication provider to pinniped
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
This commit is contained in:
@ -33,8 +33,6 @@ platform:
|
||||
helm_repositories:
|
||||
- name: argo
|
||||
url: https://argoproj.github.io/argo-helm
|
||||
- name: authentik
|
||||
url: https://charts.goauthentik.io
|
||||
- name: gitea-charts
|
||||
url: https://dl.gitea.io/charts/
|
||||
- name: harbor
|
||||
@ -69,32 +67,6 @@ components:
|
||||
hosts:
|
||||
- gitops.{{ vapp['metacluster.fqdn'] }}
|
||||
|
||||
authentik:
|
||||
helm:
|
||||
version: 2023.3.1
|
||||
chart: authentik/authentik
|
||||
parse_logic: helm template . --set postgresql.enabled=true,redis.enabled=true | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
chart_values: !unsafe |
|
||||
authentik:
|
||||
avatars: none
|
||||
secret_key: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['guestinfo.hostname']) }}"
|
||||
postgresql:
|
||||
password: "{{ lookup('ansible.builtin.password', '/dev/null length=32 chars=ascii_lowercase,digits seed=' ~ vapp['guestinfo.hostname']) }}"
|
||||
env:
|
||||
AUTHENTIK_BOOTSTRAP_PASSWORD: "{{ vapp['metacluster.password'] }}"
|
||||
ingress:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: auth.{{ vapp['metacluster.fqdn'] }}
|
||||
paths:
|
||||
- path: "/"
|
||||
pathType: Prefix
|
||||
postgresql:
|
||||
enabled: true
|
||||
postgresqlPassword: "{{ lookup('ansible.builtin.password', '/dev/null length=32 chars=ascii_lowercase,digits seed=' ~ vapp['guestinfo.hostname']) }}"
|
||||
redis:
|
||||
enabled: true
|
||||
|
||||
cert-manager:
|
||||
helm:
|
||||
version: 1.11.0
|
||||
@ -225,6 +197,10 @@ components:
|
||||
persistence:
|
||||
defaultClassReplicaCount: 1
|
||||
|
||||
pinniped:
|
||||
# Must match the version referenced at `dependencies.static_binaries[.filename==pinniped].url`
|
||||
version: v0.25.0
|
||||
|
||||
step-certificates:
|
||||
helm:
|
||||
version: 1.23.0
|
||||
@ -282,6 +258,8 @@ dependencies:
|
||||
- filename: kubectl-slice
|
||||
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.5/kubectl-slice_linux_x86_64.tar.gz
|
||||
archive: compressed
|
||||
- filename: pinniped
|
||||
url: https://github.com/vmware-tanzu/pinniped/releases/download/v0.25.0/pinniped-cli-linux-amd64
|
||||
- filename: skopeo
|
||||
url: https://code.spamasaurus.com/api/packages/djpbessems/generic/skopeo/v1.12.0/skopeo_linux_amd64
|
||||
- filename: step
|
||||
|
||||
Reference in New Issue
Block a user