Dex (airship-core) Type - Treasure Map
This patchset provides the updates to the "airship-core" to add oidc flags to the "KubeadmControlPlane" object (airship-core/ephemeral/controlplane) as well as adding "dex-aio" service as part of the workload part. Change-Id: I3481b5ec82a97a187c0cf89e4bffb6d85b3e390c
This commit is contained in:
parent
772b18afd9
commit
e231c6774f
|
@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||
kind: Kustomization
|
||||
resources:
|
||||
- ../../../../../../airshipctl/manifests/function/k8scontrol
|
||||
- ../../../../function/dex-aio/api-server
|
||||
|
|
|
@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||
kind: Kustomization
|
||||
resources:
|
||||
- ../../../../../../../airshipctl/manifests/function/k8scontrol/replacements
|
||||
- ../../../../../function/dex-aio/api-server/replacements
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- type-dex-catalogue.yaml
|
||||
- ../../../../../function/dex-aio/dex
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: builtin
|
||||
kind: PatchStrategicMergeTransformer
|
||||
metadata:
|
||||
name: dex-type-catalogue-cleanup
|
||||
patches: |-
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: VariableCatalogue
|
||||
metadata:
|
||||
name: type-dex-catalogue
|
||||
$patch: delete
|
|
@ -0,0 +1,7 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- type-dex-replacements.yaml
|
||||
- ../../../../../../function/dex-aio/dex/replacements
|
||||
- dex-cleanup-catalogue.yaml
|
|
@ -0,0 +1,75 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: ReplacementTransformer
|
||||
metadata:
|
||||
annotations:
|
||||
config.kubernetes.io/function: |-
|
||||
container:
|
||||
image: quay.io/airshipit/replacement-transformer:latest
|
||||
name: type-cluster-controlplane-replacements
|
||||
replacements:
|
||||
# Dex VariableCatalogue Values override
|
||||
- source:
|
||||
objref:
|
||||
name: type-dex-catalogue
|
||||
fieldref: dex.site.name
|
||||
target:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: dex-catalogue
|
||||
fieldrefs: [".dex.site.name"]
|
||||
- source:
|
||||
objref:
|
||||
name: type-dex-catalogue
|
||||
fieldref: dex.endpoints.hostname
|
||||
target:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: dex-catalogue
|
||||
fieldrefs: [".dex.endpoints.hostname"]
|
||||
- source:
|
||||
objref:
|
||||
name: type-dex-catalogue
|
||||
fieldref: dex.oidc.client_id
|
||||
target:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: dex-catalogue
|
||||
fieldrefs: [".dex.oidc.client_id"]
|
||||
- source:
|
||||
objref:
|
||||
name: type-dex-catalogue
|
||||
fieldref: dex.oidc.client_secret
|
||||
target:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: dex-catalogue
|
||||
fieldrefs: [".dex.oidc.client_secret"]
|
||||
- source:
|
||||
objref:
|
||||
name: type-dex-catalogue
|
||||
fieldref: dex.service.type
|
||||
target:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: dex-catalogue
|
||||
fieldrefs: [".dex.service.type"]
|
||||
- source:
|
||||
objref:
|
||||
name: type-dex-catalogue
|
||||
fieldref: dex.idp.connector.connectors
|
||||
target:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: dex-catalogue
|
||||
fieldrefs: ["dex.idp.connector.connectors"]
|
|
@ -0,0 +1,42 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# USAGE: to change cluster name, replace all ocurrences of "dex-target-cluster"
|
||||
# by new cluster name in this file.
|
||||
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: VariableCatalogue
|
||||
metadata:
|
||||
name: type-dex-catalogue
|
||||
labels:
|
||||
airshipit.org/deploy-k8s: "false"
|
||||
dex:
|
||||
site:
|
||||
name: Dex-Type
|
||||
endpoints:
|
||||
hostname: dex.type.local
|
||||
oidc:
|
||||
client_id: type-kubernetes
|
||||
client_secret: pUBnBOY80SnXgjibTYM9ZWNzY2xreNGQok
|
||||
service:
|
||||
type: LoadBalancer
|
||||
kubeadm:
|
||||
api-server:
|
||||
extra-args:
|
||||
oidc-issuer-url: https://dex.type.local:5556/dex
|
||||
oidc-client-id: type-kubernetes
|
||||
idp:
|
||||
connector:
|
||||
connectors:
|
||||
- type: ldap
|
||||
id: ldap
|
||||
name: LDAP
|
Loading…
Reference in New Issue