From 5d6701bdf214e77f460f2e3dd2b6f7d3186830c8 Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerry.sun@windriver.com>
Date: Mon, 3 Feb 2020 12:49:25 -0500
Subject: [PATCH] Build Dex image with IPv6 patch

The default Dex image does not support a kubernetes cluster with IPv6.
The cluster network address is not wrapped in square brackets, which
fails when the dex container tries to create custom resources. This
commit builds our own dex image while we are trying to get the fix
upstreamed.

Story: 2006711
Task: 38610

Change-Id: I9193dde6d4260f3c9b5fa12224810f1de0aa53df
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
---
 centos_stable_docker_images.inc               |  1 +
 dex/centos/dex.stable_docker_image            |  5 +++
 ...etes-host-address-in-square-brackets.patch | 36 +++++++++++++++++++
 3 files changed, 42 insertions(+)
 create mode 100644 dex/centos/dex.stable_docker_image
 create mode 100644 dex/centos/docker_patches/0001-Wrap-Kubernetes-host-address-in-square-brackets.patch

diff --git a/centos_stable_docker_images.inc b/centos_stable_docker_images.inc
index 07df7af..21effd2 100644
--- a/centos_stable_docker_images.inc
+++ b/centos_stable_docker_images.inc
@@ -1 +1,2 @@
 stx-oidc-client
+dex
diff --git a/dex/centos/dex.stable_docker_image b/dex/centos/dex.stable_docker_image
new file mode 100644
index 0000000..43c6fa2
--- /dev/null
+++ b/dex/centos/dex.stable_docker_image
@@ -0,0 +1,5 @@
+BUILDER=docker
+LABEL=dex
+DOCKER_REPO=https://github.com/dexidp/dex.git
+DOCKER_REF=f1581ff873a200cf9dd01bf261e056267d57b991 # SHA for v2.14.0, as of Jan 21, 2020
+DOCKER_PATCHES="docker_patches/0001-Wrap-Kubernetes-host-address-in-square-brackets.patch"
diff --git a/dex/centos/docker_patches/0001-Wrap-Kubernetes-host-address-in-square-brackets.patch b/dex/centos/docker_patches/0001-Wrap-Kubernetes-host-address-in-square-brackets.patch
new file mode 100644
index 0000000..bd8138f
--- /dev/null
+++ b/dex/centos/docker_patches/0001-Wrap-Kubernetes-host-address-in-square-brackets.patch
@@ -0,0 +1,36 @@
+From a084a721f2485e4eba81fe50e52fd3f3932024fa Mon Sep 17 00:00:00 2001
+From: Jerry Sun <jerry.sun@windriver.com>
+Date: Fri, 24 Jan 2020 09:13:40 -0500
+Subject: [PATCH 1/1] Wrap Kubernetes host address in square brackets
+
+When constructing the host address string, the address is
+not wrapped in square brackets. This does not work in IPv6
+Kubernetes deployments. This commit adds square brackets
+around the address. IPv4 was also tested to ensure it works
+with wrapped address.
+
+Story: 2006711
+Task: 38610
+
+Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
+---
+ storage/kubernetes/client.go | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/storage/kubernetes/client.go b/storage/kubernetes/client.go
+index cb7fd28..f16bc77 100644
+--- a/storage/kubernetes/client.go
++++ b/storage/kubernetes/client.go
+@@ -419,6 +419,9 @@ func inClusterConfig() (cluster k8sapi.Cluster, user k8sapi.AuthInfo, namespace
+ 		err = fmt.Errorf("unable to load in-cluster configuration, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined")
+ 		return
+ 	}
++	// we need to wrap IPv6 addresses in square brackets
++	// IPv4 also works with square brackets
++        host = "[" + host + "]"
+ 	cluster = k8sapi.Cluster{
+ 		Server:               "https://" + host + ":" + port,
+ 		CertificateAuthority: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
+-- 
+2.7.4
+