Support for https in OIDC client

Changed OIDC client to use HTTPS by default.
OIDC client uses the same TLS certificate as DEX.

Story: 2006711
Task: 38166

Change-Id: I347e9da3380519c89ca3138da3e2a69a47a6db94
Signed-off-by: Teresa Ho <teresa.ho@windriver.com>

stx-oidc-auth-helm/stx-oidc-auth-helm/helm-charts/oidc-client/templates/deployment.yaml

@@ -37,15 +37,19 @@ spec:
             httpGet:
               path: /
               port: http
+              scheme: HTTPS
           readinessProbe:
             httpGet:
               path: /
               port: http
+              scheme: HTTPS
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           volumeMounts:
             - mountPath: "/home"
               name: dex-client-secret-volume
+            - mountPath: /etc/dex/tls/https/server
+              name: https-tls
             - name: config
               subPath: config.yaml
               mountPath: /app/config.yaml
@@ -65,6 +69,9 @@ spec:
         - name: dex-client-secret-volume
           secret:
             secretName: dex-client-secret
+        - name: https-tls
+          secret:
+            secretName: local-dex.tls
         - name: config
           configMap:
             name: stx-oidc-client

stx-oidc-auth-helm/stx-oidc-auth-helm/helm-charts/oidc-client/values.yaml

@@ -28,8 +28,8 @@ config:
   client_secret: St8rlingX
   issuer: https://10.10.10.3:30556/dex
   issuer_root_ca: /home/dex-ca.pem
-  listen: http://0.0.0.0:5555
-  redirect_uri: http://10.10.10.3:30555/callback
+  listen: https://0.0.0.0:5555
+  redirect_uri: https://10.10.10.3:30555/callback
 
 ingress:
   enabled: false

stx-oidc-auth-helm/stx-oidc-auth-helm/manifests/manifest.yaml

@@ -76,7 +76,9 @@ data:
   values:
     config:
       issuer_root_ca: /home/dex-ca.pem
-      listen: http://0.0.0.0:5555
+      listen: https://0.0.0.0:5555
+      tlsCert: /etc/dex/tls/https/server/tls.crt
+      tlsKey: /etc/dex/tls/https/server/tls.key
     nodeSelector:
       node-role.kubernetes.io/master: ""
     service:

stx-oidc-client/centos/docker/main.go

@@ -207,6 +207,8 @@ var rootCmd = &cobra.Command{
         config.issuerURL = viper.GetString("issuer")
         config.listen = viper.GetString("listen")
         config.rootCAs = viper.GetString("issuer_root_ca")
+        config.tlsCert = viper.GetString("tlsCert")
+        config.tlsKey = viper.GetString("tlsKey")
         config.a.clientID = viper.GetString("client_id")
         config.a.clientSecret = viper.GetString("client_secret")
         config.a.redirectURI = viper.GetString("redirect_uri")