diff options
author | Andreas Geissler <andreas-geissler@telekom.de> | 2024-04-24 15:38:24 +0200 |
---|---|---|
committer | Andreas Geissler <andreas-geissler@telekom.de> | 2024-06-05 13:49:50 +0200 |
commit | e9f67624d1f5e25d24c951e385661341baa21830 (patch) | |
tree | 5c76da9347276454bee590369905b5b35b0489dc /kubernetes/authentication/components/oauth2-proxy/templates/ingress.yaml | |
parent | 53fe20dc15c0e23c27bee5c1450340e454b8945b (diff) |
[AUTHENTICATION] Restructured keycloak and Oauth2-proxy
Changed keycloak-init to "authentication"
and moved as root chart
Moved oauth2-proxy to onap-authentication and updated
to version 7.5.4
Use TCL proposal for REALM creation.
Update keycloak-config-cli version to 5.12.0.
Ingress AuthorizationPolicy creation for all defined accessRoles
in the configured realms
Issue-ID: OOM-3292
Issue-ID: OOM-3268
Change-Id: I0901cd416ca5da871931d7cf084cd35c55f804f1
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Diffstat (limited to 'kubernetes/authentication/components/oauth2-proxy/templates/ingress.yaml')
-rw-r--r-- | kubernetes/authentication/components/oauth2-proxy/templates/ingress.yaml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/kubernetes/authentication/components/oauth2-proxy/templates/ingress.yaml b/kubernetes/authentication/components/oauth2-proxy/templates/ingress.yaml new file mode 100644 index 0000000000..5323820487 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/templates/ingress.yaml @@ -0,0 +1,44 @@ +{{- if .Values.ingress.enabled -}} +{{- $serviceName := include "oauth2-proxy.fullname" . -}} +{{- $servicePort := .Values.service.portNumber -}} +{{- $ingressPath := .Values.ingress.path -}} +{{- $ingressPathType := .Values.ingress.pathType -}} +{{- $extraPaths := .Values.ingress.extraPaths -}} +apiVersion: {{ include "capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + labels: + app: {{ template "oauth2-proxy.name" . }} + {{- include "oauth2-proxy.labels" . | indent 4 }} +{{- if .Values.ingress.labels }} +{{ toYaml .Values.ingress.labels | indent 4 }} +{{- end }} + name: {{ template "oauth2-proxy.fullname" . }} + namespace: {{ template "oauth2-proxy.namespace" $ }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + {{- if and .Values.ingress.className ( eq "true" ( include "ingress.supportsIngressClassName" . ) ) }} + ingressClassName: {{ .Values.ingress.className | quote }} + {{- end }} + rules: + {{- range $host := .Values.ingress.hosts }} + - host: {{ tpl $host $ | quote }} + http: + paths: +{{- if $extraPaths }} +{{ toYaml $extraPaths | indent 10 }} +{{- end }} + - path: {{ $ingressPath }} + {{- if eq "true" ( include "ingress.supportsPathType" $ ) }} + pathType: {{ $ingressPathType }} + {{- end }} + backend: {{- include "ingress.backend" ( dict "serviceName" $serviceName "servicePort" $servicePort "context" $ ) | nindent 14 }} + {{- end -}} + {{- if .Values.ingress.tls }} + tls: +{{ tpl (toYaml .Values.ingress.tls) $ | indent 4 }} + {{- end -}} +{{- end -}} |