diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 539d4ae2e141a3f3d1d9fa50728edb0f1e12a3d7..cdf6b78aa10b67875006572e6b2b341f1db94825 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -41,20 +41,6 @@ login_provider: - login_provider/**/* - .gitlab-ci.yml -# Build kratos image -kratos: - stage: build - needs: [] - variables: - KANIKO_CONTEXT: "kratos" - KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME - extends: .kaniko_build - only: - changes: - - kratos/**/* - - .gitlab-ci.yml - - integration_test_app: stage: build-test-images variables: diff --git a/docker-compose.yml b/docker-compose.yml index 2c04ce9501db63b834f58f749af9a9cba32efaa5..76747c60faa09b5a28d98bacac24aaeae9991893 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -88,33 +88,4 @@ services: - "13337:13337" command: flask run --port 13337 restart: unless-stopped - kratos-migrate: - build: ./kratos - command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes - environment: - - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable - restart: on-failure - kratos: - build: ./kratos - depends_on: - - kratos-db - - kratos-migrate - - mailslurper - ports: - - "4433:4433" # public - - "4434:4434" # admin - restart: unless-stopped - environment: - - LOG_LEVEL=trace - - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable - command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier - kratos-db: - image: postgres:11 - environment: - - POSTGRES_PASSWORD=kratossecret - ports: - - "5433:5433" - #volumes: - # - .local/kratos/psql:/var/lib/postgresql/data - # change port via command https://github.com/docker-library/postgres/issues/196 - command: -p 5433 + diff --git a/helmchart/single-sign-on/pvc.yaml b/helmchart/single-sign-on/pvc.yaml deleted file mode 100644 index ab6818c65f324229de6092cd4690303a69e4be9c..0000000000000000000000000000000000000000 --- a/helmchart/single-sign-on/pvc.yaml +++ /dev/null 
@@ -1,13 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: single-sign-on-kratos-database -spec: - accessModes: - - ReadWriteOnce - volumeMode: Filesystem - resources: - requests: - storage: 1Gi - storageClassName: local-path diff --git a/helmchart/single-sign-on/requirements.yaml b/helmchart/single-sign-on/requirements.yaml index 28ca3a5a61d269ed4b0dce4a10e1e72800416c88..cd1f9fc6b01da8a9a3a6d6853ee03ef8241311f7 100644 --- a/helmchart/single-sign-on/requirements.yaml +++ b/helmchart/single-sign-on/requirements.yaml @@ -1,4 +1,4 @@ -# Documentation: https://k8s.ory.sh/helm/kratos.html +# https://k8s.ory.sh/helm/hydra.html dependencies: - name: hydra version: 0.0.48 @@ -8,8 +8,9 @@ dependencies: # https://github.com/bitnami/charts/tree/master/bitnami/postgresql +# https://artifacthub.io/packages/helm/bitnami/postgresql - name: postgresql - version: 8.6.4 + version: 10.12.4 repository: "https://charts.bitnami.com/bitnami" tags: - single-sign-on diff --git a/helmchart/single-sign-on/templates/pvc-kratos-database.yaml b/helmchart/single-sign-on/templates/pvc-kratos-database.yaml new file mode 100644 index 0000000000000000000000000000000000000000..56a380222af02c866440334b1ad8f0ab5af3a659 --- /dev/null +++ b/helmchart/single-sign-on/templates/pvc-kratos-database.yaml 
@@ -0,0 +1,37 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: single-sign-on-kratos-database +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 1Gi + storageClassName: local-path + + +#{{- if .Values.postgresql.persistence.enabled -}} +#{{- if not .Values.postgresql.persistence.existingClaim -}} +#apiVersion: v1 +#kind: PersistentVolumeClaim +#metadata: +# name: {{ include "single-sign-on.fullname" . }}-postgresql +#{{- if .Values.postgresql.persistence.annotations }} +# annotations: +#{{ toYaml .Values.postgresql.persistence.annotations | indent 4 }} +#{{- end }} +#spec: +# accessModes: +# - ReadWriteOnce +# resources: +# requests: +# storage: {{ .Values.postgresql.persistence.size }} +#{{- if .Values.postgresql.persistence.storageClass }} +#{{- if not (eq "-" .Values.postgresql.persistence.storageClass) }} +# storageClassName: "{{ .Values.postgresql.persistence.storageClass }}" +#{{- end }} +#{{- end }} +#{{- end -}} +#{{- end -}} diff --git a/helmchart/single-sign-on/values.yaml b/helmchart/single-sign-on/values.yaml index daff7c0a100e9ac2b572a89c5a624d18f879f792..dbbf874c2bb3d55ebe7355830dca1e93cdafd203 100644 --- a/helmchart/single-sign-on/values.yaml +++ b/helmchart/single-sign-on/values.yaml 
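Review bot: The `#`-prefixed block in the second half of `templates/pvc-kratos-database.yaml` is not inert, because Helm evaluates every `{{ … }}` action before the output is parsed as YAML. The `if`, `include "single-sign-on.fullname"` and `toYaml` calls therefore still run on each render. In particular, `#{{ toYaml .Values.postgresql.persistence.annotations | indent 4 }}` puts `#` in front of the first rendered line only, so once `annotations` holds more than one entry the remaining lines would be emitted as live YAML. I would delete the block or wrap it in a template comment, `{{/*` … `*/}}`, which the engine drops entirely. Separately, the active claim hardcodes `storage: 1Gi` and `storageClassName: local-path`, so the `size` and `storageClass` values added in `values.yaml` presumably have no effect on it; a comment such as `# size and storage class are fixed here, not read from values` would make that explicit.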
@@ -72,26 +72,49 @@ userbackend: postgresql: persistence: + existingClaim: "single-sign-on-kratos-database" enabled: true - existingClaim: "kratos-database" + size: 1Gi + storageClass: "-" + annotations: {} postgresqlDatabase: kratos postgresqlUsername: kratos postgresqlPassword: kratos kratos: + image: + tag: v0.7.3-alpha.1 + kratos: + identitySchemas: + "identity.default.schema.json": | + { + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "properties": { + "bar": { + "type": "string" + } + }, + "required": [ + "bar" + ] + } + + autoMigrate: true config: + identity: + default_schema_url: file://identity.default.schema.json dsn: postgres://kratos:kratos@single-sign-on-postgresql:5432/kratos selfservice: default_browser_return_url: https://stackspin.net - identity: - default_schema_url: base64://ewogICIkc2NoZW1hIjogImh0dHA6Ly9qc29uLXNjaGVtYS5vcmcvZHJhZnQtMDcvc2NoZW1hIyIsCiAgInR5cGUiOiAib2JqZWN0IiwKICAicHJvcGVydGllcyI6IHsKICAgICJiYXIiOiB7CiAgICAgICJ0eXBlIjogInN0cmluZyIKICAgIH0KICB9LAogICJyZXF1aXJlZCI6IFsKICAgICJiYXIiCiAgXQp9 + secrets: session: - a password goes here - a secred goes here log: - level: trace + level: info courier: smtp: connection_uri: smtps://kratos:kratos@smtp.greenhost.nl:465/
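Review bot: The kratos `config` block reworked in this hunk still ships `secrets.session` as the literal placeholders `a password goes here` / `a secred goes here`, next to `postgresqlPassword: kratos` and the same password embedded in `dsn` and in the SMTP `connection_uri`. These are chart defaults in a tracked file, so any install that does not override them runs with credentials known to everyone who can read the repository. I would leave these keys empty here with a comment such as `# set per deployment from an untracked values file or --set; never commit real values`, and supply them at install time. The collapsed layout makes it unclear whether `secrets:` is an added or a context line, but it is on the new side either way.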