treasuremap/manifests/function/dex-aio/dex/replacements/dex-replacements.yaml

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: airshipit.org/v1alpha1
kind: ReplacementTransformer
metadata:
  annotations:
    config.kubernetes.io/function: |-
      container:
        image: quay.io/airshipit/replacement-transformer:latest      
  name: cluster-controlplane-replacements
replacements:
# Dex Secrets for Certificates
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.tls.crt-b64
    target:
      objref:
        kind: Secret
        name: dex-ca-key-pair
      # fieldrefs using the json form because crt name (i.e., "tls.crt") contains a dot (.)
      # the json form starts with a dot (.), which makes the Replacement transformer
      # to not base64 encode the data.
      fieldrefs: ["{.data.tls\\.crt}"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.tls.key-b64
    target:
      objref:
        kind: Secret
        name: dex-ca-key-pair
      # fieldrefs using the json form because key name (i.e., "tls.key") contains a dot (.)
      # the json form starts with a dot (.), which makes the Replacement transformer
      # to not base64 encode the data.
      fieldrefs: ["{.data.tls\\.key}"]
# Dex HelmRelease Customization
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.service.type
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.service.type"]

# Dex HelmRelease Values override
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.site.name
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.site.name"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.endpoints.hostname
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.endpoints.hostname"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.endpoints.port.https
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.endpoints.port.https"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.endpoints.port.http
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.endpoints.port.http"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.endpoints.nodePort.https
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.endpoints.nodePort.https"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.endpoints.nodePort.http
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.endpoints.nodePort.http"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.oidc.client_id
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.oidc.client_id"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.oidc.client_secret
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.oidc.client_secret"]
  - source:
      objref:
        name: dex-catalogue
      fieldref: dex.service.type
    target:
      objref:
        kind: HelmRelease
        name: dex-aio
      fieldrefs: ["spec.values.params.service.type"]
  # Uncomment the "- source" structure below for enabling to override the Dex Connector data
  # - source:
  #     objref:
  #       name: dex-catalogue
  #     fieldref: dex.yaml.connector
  #   target:
  #     objref:
  #       kind: HelmRelease
  #       name: dex-aio
  #     fieldrefs: ["{.spec.values.config.dex\\.yaml}"]