From a78f36e37e8def2e4c3ee49112bb2ff9bb1eac25 Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Wed, 18 Dec 2019 14:45:01 +0100
Subject: [PATCH] Fix secret
---
.../single-sign-on/templates/deployment-userfrontend.yaml | 8 ++++----
.../templates/job-create-oauth2-client-userpanel.yaml | 4 ++--
.../templates/secret-oauth2-client-userpanel.yaml | 5 ++---
helmchart/single-sign-on/values.yaml | 8 ++++++--
4 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/helmchart/single-sign-on/templates/deployment-userfrontend.yaml b/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
index fd8599e..3fc7ea4 100644
--- a/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
+++ b/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
@@ -38,13 +38,13 @@ spec:
- name: OAUTH_CLIENT_ID
valueFrom:
secretKeyRef:
- name: userpanel-oauth2-client
- key: client_id
+ name: oauth2-clients
+ key: {{ .Values.userpanel.applicationName }}_client_id
- name: OAUTH_CLIENT_SECRET
valueFrom:
secretKeyRef:
- name: userpanel-oauth2-client
- key: client_secret
+ name: oauth2-clients
+ key: {{ .Values.userpanel.applicationName }}_client_secret
ports:
- name: userpanel
containerPort: 3000
diff --git a/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml b/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml
index b27efc1..8ca434e 100644
--- a/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml
+++ b/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml
@@ -27,12 +27,12 @@ spec:
valueFrom:
secretKeyRef:
name: oauth2-clients
- key: {{ .clientName }}.client_id
+ key: {{ .clientName }}_client_id
- name: CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oauth2-clients
- key: {{ .clientName }}.client_secret
+ key: {{ .clientName }}_client_secret
- name: CLIENT_NAME
value: {{ .clientName | quote }}
- name: REDIRECT_URI
diff --git a/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml b/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml
index baad37d..efefd9b 100644
--- a/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml
+++ b/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml
@@ -5,7 +5,6 @@ metadata:
type: Opaque
data:
{{- range .Values.oAuthClients }}
- {{ .clientName }}:
- client_id: {{ .clientName | b64enc }}
- client_secret: {{ .clientSecret | b64enc }}
+ {{ .clientName }}_client_id: {{ .clientName | b64enc }}
+ {{ .clientName }}_client_secret: {{ .clientSecret | b64enc }}
{{- end }}
diff --git a/helmchart/single-sign-on/values.yaml b/helmchart/single-sign-on/values.yaml
index fc40409..0658978 100644
--- a/helmchart/single-sign-on/values.yaml
+++ b/helmchart/single-sign-on/values.yaml
@@ -16,6 +16,10 @@ loginProviderImage:
singleSignOnHost: &SSO_HOST sso.oas.example.net
userpanel:
+ # userpanel.applicationName is the name of the application. This is a duplicate of
+ # userbackend.applications[0].name but helm < 3.0 doesn't supprt direct references to
+ # list items in template files so we need to keep it for now
+ applicationName: &USER_PANEL user-panel
image:
# userpanel.image.tag and userpanel.image.pullPolicy should be the same as
# userbackend.image.tag and userpanel.image.pullPolicy as the images are released
@@ -34,7 +38,7 @@ userbackend:
# after the installation of the user backend.
username: "admin"
applications:
- - name: &user-panel user-panel
+ - name: *USER_PANEL
desctiption: Administration interface to manage user accounts
# username.password is the password of the admin user
password: "YouReallyNeedToChangeThis"
@@ -107,7 +111,7 @@ hydra:
oAuthClients:
# oauthClients[].clientName is the name of the oauth client that needs to be the same as
# the application name in userbackend.applications[].name
-- clientName: *user-panel
+- clientName: *USER_PANEL
# oauthClients[].clientSecret is the secret the client uses to authenticate
- clientSecret: "YouReallyNeedToChangeThis"
# oAuthClients[].redirectUri is the url the user will be redirected to by hydra when the
--
GitLab