diff options
| author |   demskeq8 <alexander.dehn@highstreet-technologies.com> | 2021-02-12 15:43:48 +0100 |
|---|---|---|
| committer |   ToineSiebelink <toine.siebelink@est.tech> | 2021-04-12 12:20:57 +0100 |
| commit | 213f6d8d86fceba0cde8c9e805ac31c11ca6eddf (patch) | |
| tree | 6a53f9c2ed9d60d31eca823b99d8a6fdb2e9bcba /kubernetes/sdnc/templates/statefulset.yaml | |
| parent | bbf711b643a2fa7cb7bc3a5ecebd7a4caf94b057 (diff) | |
[SDNC] Enable SDNC to use external oauth provider
- add additional environment variables
- add config file for external oauth-providers
Issue-ID: OOM-2675
Signed-off-by: demskeq8 <alexander.dehn@highstreet-technologies.com>
Change-Id: I235d3f46f5d109a1e82bdaa3c9de97508116fbe3
[Improve secretes handling]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/sdnc/templates/statefulset.yaml')
| -rw-r--r-- | kubernetes/sdnc/templates/statefulset.yaml | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index ea544e6211..152337ee52 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -111,6 +111,15 @@ spec: - name: DMAAP_HTTP_PROXY_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} {{- end }} + {{ if .Values.config.sdnr.oauth.enabled }} + - name: OAUTH_TOKEN_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }} + - name: KEYCLOAK_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }} + + - name: ENABLE_ODLUX_RBAC + value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}" + {{ end }} volumeMounts: @@ -294,7 +303,8 @@ spec: - name: ODL_CERT_DIR value: {{ (mustFirst (.Values.certificates)).mountPath }} {{- end }} - + - name: ENABLE_OAUTH + value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} {{ include "common.certServiceClient.volumeMounts" . | indent 10 }} @@ -362,6 +372,11 @@ spec: - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg name: properties subPath: org.opendaylight.daexim.cfg + {{- if .Values.config.sdnr.oauth.enabled }} + - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json + name: properties + subPath: oauth-provider.config.json + {{ end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} |