Merge "[SDNC] Enable SDNC to use external oauth provider"

author: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2021-04-06 12:35:18 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2021-04-06 12:35:18 +0000
commit: 7e8244a3a3a835a8758ffa865542f4dc53bb6771 (patch)
tree: f63fa226051851e441e363ee6d4aeb2d6a3ac709 /kubernetes/sdnc/values.yaml
parent: 333281b85d86c356ab0f09caab82890fce0442fb (diff)
parent: b43e92cc48e97622a3bdcb0cc385ae5bf894b1b5 (diff)
1 files changed, 34 insertions, 4 deletions
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index e3f3a6e172..399740ed05 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -172,6 +172,17 @@ secrets:
     login: '{{ .Values.config.scaleoutUser }}'
     password: '{{ .Values.config.scaleoutPassword }}'
     passwordPolicy: required
+  - uid: oauth-token-secret
+    type: password
+    externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
+    password: '{{ .Values.config.sdnr.oauth.tokenSecret }}'
+    passwordPolicy: required
+  - uid: keycloak-secret
+    type: password
+    externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
+    password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}'
+    passwordPolicy: required
+
 #################################################################
 # Certificates
 #################################################################
@@ -311,6 +322,7 @@ config:
     sdnrdbTrustAllCerts: true
     mountpointRegistrarEnabled: false
     mountpointStateProviderEnabled: false
+    #
     # enable and set dmaap-proxy for mountpointRegistrar
     dmaapProxy:
       enabled: false
@@ -318,10 +330,28 @@ config:
       user: addUserHere
       password: addPasswordHere
       url: addProxyUrlHere
-
-
-
-
+    oauth:
+      enabled: false
+      tokenIssuer: ONAP SDNC
+      tokenSecret: secret
+      supportOdlusers: true
+      redirectUri: null
+      publicUrl: none
+      odluxRbac:
+        enabled: true
+      # example definition for a oauth provider
+      providersSecrets:
+        keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46
+      providers:
+      - id: keycloak
+        type: KEYCLOAK
+        host: http://keycloak:8080
+        clientId: odlux.app
+        secret: ${KEYCLOAK_SECRET}
+        scope: openid
+        title: ONAP Keycloak Provider
+        roleMapping:
+          mykeycloak: admin
 
 # dependency / sub-chart configuration
 certInitializer:
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2021-04-06 12:35:18 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2021-04-06 12:35:18 +0000
commit	7e8244a3a3a835a8758ffa865542f4dc53bb6771 (patch)
tree	f63fa226051851e441e363ee6d4aeb2d6a3ac709 /kubernetes/sdnc/values.yaml
parent	333281b85d86c356ab0f09caab82890fce0442fb (diff)
parent	b43e92cc48e97622a3bdcb0cc385ae5bf894b1b5 (diff)