diff options
Diffstat (limited to 'kubernetes/authentication/components/oauth2-proxy/ci')
10 files changed, 89 insertions, 0 deletions
diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/default-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/default-values.yaml new file mode 100644 index 0000000000..fc2ba605ad --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/default-values.yaml @@ -0,0 +1 @@ +# Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/extra-args-as-dict-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/extra-args-as-dict-values.yaml new file mode 100644 index 0000000000..92dc451807 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/extra-args-as-dict-values.yaml @@ -0,0 +1,4 @@ +extraArgs: + pass-authorization-header: "true" + request-logging: "true" + allowed-role: client_id:client_role diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/extra-args-as-list-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/extra-args-as-list-values.yaml new file mode 100644 index 0000000000..5f47a5f479 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/extra-args-as-list-values.yaml @@ -0,0 +1,5 @@ +extraArgs: + - "--pass-authorization-header=true" + - "--request-logging=true" + - --allowed-role=client_id:client_role_A + - --allowed-role=client_id_B:client_role_C diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/extra-env-tpl-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/extra-env-tpl-values.yaml new file mode 100644 index 0000000000..357dba9153 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/extra-env-tpl-values.yaml @@ -0,0 +1,6 @@ +tplValue: "This is a test value for the template function" +extraEnv: + - name: TEST_ENV_VAR_1 + value: test_value_1 + - name: TEST_ENV_VAR_2 + value: '{{ .Values.tplValue }}' diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/ingress-extra-paths-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/ingress-extra-paths-values.yaml new file mode 100644 index 0000000000..e74a393db0 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/ingress-extra-paths-values.yaml @@ -0,0 +1,14 @@ +ingress: + enabled: true + path: / + pathType: ImplementationSpecific + hosts: + - chart-example.local + extraPaths: + - path: /* + pathType: ImplementationSpecific + backend: + service: + name: ssl-redirect + port: + name: use-annotation diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/pdb-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/pdb-values.yaml new file mode 100644 index 0000000000..25b16272a7 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/pdb-values.yaml @@ -0,0 +1 @@ +replicaCount: 2 # Enables PodDisruptionBudget which is disabled when replicaCount is 1 diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/pod-security-context-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/pod-security-context-values.yaml new file mode 100644 index 0000000000..b7c8cea546 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/pod-security-context-values.yaml @@ -0,0 +1,4 @@ +# Allocate a FSGroup that owns the pod’s volumes via podSecurityContext +--- +podSecurityContext: + fsGroup: 2000 diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/redis-standalone-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/redis-standalone-values.yaml new file mode 100644 index 0000000000..e58c32cf0c --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/redis-standalone-values.yaml @@ -0,0 +1,15 @@ +sessionStorage: + type: redis + redis: + clientType: "standalone" + password: "foo" +redis: + # provision an instance of the redis sub-chart + enabled: true + architecture: standalone + global: + redis: + password: "foo" +initContainers: + waitForRedis: + enabled: true diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/servicemonitor-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/servicemonitor-values.yaml new file mode 100644 index 0000000000..0c232bf5c1 --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/servicemonitor-values.yaml @@ -0,0 +1,18 @@ +metrics: + enabled: true + serviceMonitor: + enabled: true + annotations: + key: value + metricRelabelings: + - action: keep + regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + sourceLabels: [__name__] + + relabelings: + - sourceLabels: [__meta_kubernetes_pod_node_name] + separator: ; + regex: ^(.*)$ + targetLabel: nodename + replacement: $1 + action: replace diff --git a/kubernetes/authentication/components/oauth2-proxy/ci/tpl-values.yaml b/kubernetes/authentication/components/oauth2-proxy/ci/tpl-values.yaml new file mode 100644 index 0000000000..65977d921b --- /dev/null +++ b/kubernetes/authentication/components/oauth2-proxy/ci/tpl-values.yaml @@ -0,0 +1,21 @@ +extraEnv: + - name: TEST_ENV_VAR_2 + value: '{{ $.Release.Name }}' +ingress: + enabled: true + hosts: + - "{{ $.Release.Name }}.local" + tls: + - hosts: + - "{{ $.Release.Name }}.local" +oauth2-proxy: + checkDeprecation: false + config: + clientSecret: '{{ $.Release.Name }}' + configFile: | + oidc_issuer_url = "https://{{ $.Release.Name }}/dex" + +pass_authorization_header: "true" + +extraArgs: + pass-authorization-header: "{{ $.Values.pass_authorization_header }}" |