add dex connectors configuration

swisscom · Aug 3, 2023 · ea19d78 · ea19d78
1 parent bc966fb
commit ea19d78
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 15 deletions.
diff --git a/config.example.yaml b/config.example.yaml
@@ -8,6 +8,21 @@ kubernetes:
     secret: "hSPJw9AyyJMh3iQLF2V0RBGCkdRw7qSI" # generate a new secret with: cat /dev/urandom | tr -dc A-Za-z0-9 | head -c32
     cookie: "R2ltbFNBTlV4MWs1UGxzUTNKZkZNOGpnUnNUWjRuc2g=" # generate a new cookie secret with: openssl rand -base64 32 | head -c 32 | base64
   admin_password: "$2y$10$qZjfVBeMRHlRZPwX2uDrIe4zjLyU8SPmz6ww6zoCxctoNrHIUfq7u" # generate a new password hash with: echo "<my-password>" | htpasswd -BinC 10 admin | cut -d: -f2
+  dex:
+    connectors: [] # see https://dexidp.io/docs/connectors/ for documentation
+    # - type: github # see https://dexidp.io/docs/connectors/github/ for documentation
+    #   id: github
+    #   name: GitHub
+    #   config:
+    #     clientID: my_github_client
+    #     clientSecret: my_github_client_secret
+    #     redirectURI: https://dex.my-kubernetes.my-domain.com/dex/callback
+    #     orgs:
+    #     - name: my-organization
+    #     - name: my-organization-with-teams
+    #       teams:
+    #       - red-team
+    #       - blue-team
 
 # vCD settings
 vcd:

diff --git a/deployments/dex.sh b/deployments/dex.sh
@@ -71,19 +71,9 @@ config:
     - 'https://grafana.${cluster_hostname}/login/generic_oauth'
     secret: "${oidc_secret}"
 
-  # connectors:
-  #   - type: github
-  #     id: github
-  #     name: GitHub
-  #     config:
-  #       clientID: <your github app client ID here>
-  #       clientSecret: <your github app client secret here>
-  #       redirectURI: https://dex.${cluster_hostname}/dex/callback
-  #       # you can configure the connector further, for example by restricting it to only a certain org or team.
-  #       # These restrictions depend on the provider, check the Dex documentation for more info.
-  #       #orgs:
-  #       #- name: exampleorg
+  connectors: []
 EOF
+yq -e eval '.config.connectors = (load("config.yaml") | .kubernetes.dex.connectors // [])' -i "deployments/${chart}.values.yaml"
 deployments/install-chart.sh "${repository}" "${chart}" "${namespace}" "${version}" "deployments/${chart}.values.yaml"
 
 echo " "

diff --git a/deployments/install-chart.sh b/deployments/install-chart.sh
@@ -28,9 +28,7 @@ if helm history --kubeconfig "${KUBECONFIG}" --max 1 --namespace "${namespace}"
 	helm uninstall --kubeconfig "${KUBECONFIG}" --wait --namespace "${namespace}" "${chart}"
 fi
 
-echo "installing chart [${chart}] with values.yaml configuration:"
-cat "${values}" || true
-echo " "
+echo "installing chart [${chart}] ..."
 helm upgrade --kubeconfig "${KUBECONFIG}" \
 	--install --create-namespace --dependency-update \
 	--cleanup-on-fail --atomic --wait --timeout "10m" \