diff options
| author |   demskeq8 <alexander.dehn@highstreet-technologies.com> | 2021-02-12 15:43:48 +0100 |
|---|---|---|
| committer |   Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-04-02 12:25:41 +0000 |
| commit | b43e92cc48e97622a3bdcb0cc385ae5bf894b1b5 (patch) | |
| tree | 6b5055d50aafd8ea3661b3b2b01f9e007c3cc4a3 /kubernetes/sdnc/values.yaml | |
| parent | 20079a297aee94db6f5690a60a27fc34a72d0b35 (diff) | |
[SDNC] Enable SDNC to use external oauth provider
- add additional environment variables
- add config file for external oauth-providers
Issue-ID: OOM-2675
Signed-off-by: demskeq8 <alexander.dehn@highstreet-technologies.com>
Change-Id: I235d3f46f5d109a1e82bdaa3c9de97508116fbe3
[Improve secretes handling]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/sdnc/values.yaml')
| -rw-r--r-- | kubernetes/sdnc/values.yaml | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 802722f400..d20c3645c1 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -117,6 +117,17 @@ secrets: login: '{{ .Values.config.scaleoutUser }}' password: '{{ .Values.config.scaleoutPassword }}' passwordPolicy: required + - uid: oauth-token-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.tokenSecret }}' + passwordPolicy: required + - uid: keycloak-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}' + passwordPolicy: required + ################################################################# # Certificates ################################################################# @@ -231,6 +242,7 @@ config: sdnrdbTrustAllCerts: true mountpointRegistrarEnabled: false mountpointStateProviderEnabled: false + # # enable and set dmaap-proxy for mountpointRegistrar dmaapProxy: enabled: false @@ -238,10 +250,28 @@ config: user: addUserHere password: addPasswordHere url: addProxyUrlHere - - - - + oauth: + enabled: false + tokenIssuer: ONAP SDNC + tokenSecret: secret + supportOdlusers: true + redirectUri: null + publicUrl: none + odluxRbac: + enabled: true + # example definition for a oauth provider + providersSecrets: + keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46 + providers: + - id: keycloak + type: KEYCLOAK + host: http://keycloak:8080 + clientId: odlux.app + secret: ${KEYCLOAK_SECRET} + scope: openid + title: ONAP Keycloak Provider + roleMapping: + mykeycloak: admin # dependency / sub-chart configuration certInitializer: |