diff options
| author |   Andreas Geissler <andreas-geissler@telekom.de> | 2024-04-24 15:38:24 +0200 |
|---|---|---|
| committer | Andreas Geissler <andreas-geissler@telekom.de> | 2024-06-05 13:49:50 +0200 |
| commit | e9f67624d1f5e25d24c951e385661341baa21830 (patch) | |
| tree | 5c76da9347276454bee590369905b5b35b0489dc /kubernetes/authentication/components/oauth2-proxy/templates/_ingress.tpl | |
| parent | 53fe20dc15c0e23c27bee5c1450340e454b8945b (diff) | |
[AUTHENTICATION] Restructured keycloak and Oauth2-proxy
Changed keycloak-init to "authentication"
and moved as root chart
Moved oauth2-proxy to onap-authentication and updated
to version 7.5.4
Use TCL proposal for REALM creation.
Update keycloak-config-cli version to 5.12.0.
Ingress AuthorizationPolicy creation for all defined accessRoles
in the configured realms
Issue-ID: OOM-3292
Issue-ID: OOM-3268
Change-Id: I0901cd416ca5da871931d7cf084cd35c55f804f1
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Diffstat (limited to 'kubernetes/authentication/components/oauth2-proxy/templates/_ingress.tpl')
| -rw-r--r-- | kubernetes/authentication/components/oauth2-proxy/templates/_ingress.tpl | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/kubernetes/authentication/components/oauth2-proxy/templates/_ingress.tpl b/kubernetes/authentication/components/oauth2-proxy/templates/_ingress.tpl new file mode 100644 index 0000000000..f4a3cad0e4 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/templates/_ingress.tpl @@ -0,0 +1,46 @@ +{{/* +Returns `true` if the API `ingressClassName` field is supported and `false` otherwise +*/}} +{{- define "ingress.supportsIngressClassName" -}} +{{- if ( semverCompare "<1.18-0" ( .Values.kubeVersion | default .Capabilities.KubeVersion.Version ) ) -}} +{{- print "false" -}} +{{- else -}} +{{- print "true" -}} +{{- end -}} +{{- end -}} + +{{/* +Returns `true` if the API `pathType` field is supported and `false` otherwise +*/}} +{{- define "ingress.supportsPathType" -}} +{{- if ( semverCompare "<1.18-0" ( .Values.kubeVersion | default .Capabilities.KubeVersion.Version ) ) -}} +{{- print "false" -}} +{{- else -}} +{{- print "true" -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the appropriate ingress `backend` fields depending on the Kubernetes API version. +e.g.: `{{ include "common.ingress.backend" (dict "serviceName" "backendName" "servicePort" "backendPort" "context" $) }}` +Where the dict must contain the following entries: +- `serviceName` {String} - Name of an existing service backend +- `servicePort` {String|Number} - Port name or port number of the service. +- `context` {Dict} - (Parent) Context for the template evaluation required for the API version detection. +*/}} +{{- define "ingress.backend" -}} +{{- $apiVersion := ( include "capabilities.ingress.apiVersion" .context ) -}} +{{- if or ( eq $apiVersion "extensions/v1beta1" ) ( eq $apiVersion "networking.k8s.io/v1beta1" ) -}} +serviceName: {{ .serviceName }} +servicePort: {{ .servicePort }} +{{- else -}} +service: + name: {{ .serviceName }} + port: + {{- if typeIs "string" .servicePort }} + name: {{ .servicePort }} + {{- else if or ( typeIs "int" .servicePort ) ( typeIs "float64" .servicePort ) }} + number: {{ .servicePort }} + {{- end }} +{{- end -}} +{{- end -}} |