From d693700c07b73ee6e6e7beac46527b31c3e5ed5e Mon Sep 17 00:00:00 2001 From: root <root@cli.oas.lightmoon.net> Date: Fri, 15 Oct 2021 09:25:37 +0000 Subject: [PATCH] Serveral updates and improvements on the charts --- .gitlab-ci.yml | 14 ------- docker-compose.yml | 31 +--------------- helmchart/single-sign-on/pvc.yaml | 13 ------- helmchart/single-sign-on/requirements.yaml | 5 ++- .../templates/pvc-kratos-database.yaml | 37 +++++++++++++++++++ helmchart/single-sign-on/values.yaml | 31 ++++++++++++++-- 6 files changed, 68 insertions(+), 63 deletions(-) delete mode 100644 helmchart/single-sign-on/pvc.yaml create mode 100644 helmchart/single-sign-on/templates/pvc-kratos-database.yaml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 539d4ae..cdf6b78 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -41,20 +41,6 @@ login_provider: - login_provider/**/* - .gitlab-ci.yml -# Build kratos image -kratos: - stage: build - needs: [] - variables: - KANIKO_CONTEXT: "kratos" - KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME - extends: .kaniko_build - only: - changes: - - kratos/**/* - - .gitlab-ci.yml - - integration_test_app: stage: build-test-images variables: diff --git a/docker-compose.yml b/docker-compose.yml index 2c04ce9..76747c6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -88,33 +88,4 @@ services: - "13337:13337" command: flask run --port 13337 restart: unless-stopped - kratos-migrate: - build: ./kratos - command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes - environment: - - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable - restart: on-failure - kratos: - build: ./kratos - depends_on: - - kratos-db - - kratos-migrate - - mailslurper - ports: - - "4433:4433" # public - - "4434:4434" # admin - restart: unless-stopped - environment: - - LOG_LEVEL=trace - - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable - command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier - kratos-db: - image: postgres:11 - environment: - - POSTGRES_PASSWORD=kratossecret - ports: - - "5433:5433" - #volumes: - # - .local/kratos/psql:/var/lib/postgresql/data - # change port via command https://github.com/docker-library/postgres/issues/196 - command: -p 5433 + diff --git a/helmchart/single-sign-on/pvc.yaml b/helmchart/single-sign-on/pvc.yaml deleted file mode 100644 index ab6818c..0000000 --- a/helmchart/single-sign-on/pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: single-sign-on-kratos-database -spec: - accessModes: - - ReadWriteOnce - volumeMode: Filesystem - resources: - requests: - storage: 1Gi - storageClassName: local-path diff --git a/helmchart/single-sign-on/requirements.yaml b/helmchart/single-sign-on/requirements.yaml index 28ca3a5..cd1f9fc 100644 --- a/helmchart/single-sign-on/requirements.yaml +++ b/helmchart/single-sign-on/requirements.yaml @@ -1,4 +1,4 @@ -# Documentation: https://k8s.ory.sh/helm/kratos.html +# https://k8s.ory.sh/helm/hydra.html dependencies: - name: hydra version: 0.0.48 
@@ -8,8 +8,9 @@ dependencies: # https://github.com/bitnami/charts/tree/master/bitnami/postgresql +# https://artifacthub.io/packages/helm/bitnami/postgresql - name: postgresql - version: 8.6.4 + version: 10.12.4 repository: "https://charts.bitnami.com/bitnami" tags: - single-sign-on diff --git a/helmchart/single-sign-on/templates/pvc-kratos-database.yaml b/helmchart/single-sign-on/templates/pvc-kratos-database.yaml new file mode 100644 index 0000000..56a3802 --- /dev/null +++ b/helmchart/single-sign-on/templates/pvc-kratos-database.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: single-sign-on-kratos-database +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 1Gi + storageClassName: local-path + + +#{{- if .Values.postgresql.persistence.enabled -}} +#{{- if not .Values.postgresql.persistence.existingClaim -}} +#apiVersion: v1 +#kind: PersistentVolumeClaim +#metadata: +# name: {{ include "single-sign-on.fullname" . }}-postgresql +#{{- if .Values.postgresql.persistence.annotations }} +# annotations: +#{{ toYaml .Values.postgresql.persistence.annotations | indent 4 }} +#{{- end }} +#spec: +# accessModes: +# - ReadWriteOnce +# resources: +# requests: +# storage: {{ .Values.postgresql.persistence.size }} +#{{- if .Values.postgresql.persistence.storageClass }} +#{{- if not (eq "-" .Values.postgresql.persistence.storageClass) }} +# storageClassName: "{{ .Values.postgresql.persistence.storageClass }}" +#{{- end }} +#{{- end }} +#{{- end -}} +#{{- end -}} diff --git a/helmchart/single-sign-on/values.yaml b/helmchart/single-sign-on/values.yaml index daff7c0..dbbf874 100644 --- a/helmchart/single-sign-on/values.yaml +++ b/helmchart/single-sign-on/values.yaml 
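Review bot: The block disabled with `#` in the new templates/pvc-kratos-database.yaml is still processed by Helm, because template actions are evaluated before the output is read as YAML. `#{{- if .Values.postgresql.persistence.enabled -}}` and the `include "single-sign-on.fullname"` call therefore run on every render, and would likely fail the render or leave stray text if a value or the named template is missing. Wrap the dead block in a template comment (`{{/*` … `*/}}`) or delete it. The active manifest above it hard-codes `storage: 1Gi` and `storageClassName: local-path`, so the `size` and `storageClass` values this commit adds to values.yaml have no effect on this claim. Either template those two fields from `.Values.postgresql.persistence`, or add a comment such as `# fixed claim for the Kratos identity database; persistence.size/storageClass are not applied here`.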
@@ -72,26 +72,49 @@ userbackend: postgresql: persistence: + existingClaim: "single-sign-on-kratos-database" enabled: true - existingClaim: "kratos-database" + size: 1Gi + storageClass: "-" + annotations: {} postgresqlDatabase: kratos postgresqlUsername: kratos postgresqlPassword: kratos kratos: + image: + tag: v0.7.3-alpha.1 + kratos: + identitySchemas: + "identity.default.schema.json": | + { + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "properties": { + "bar": { + "type": "string" + } + }, + "required": [ + "bar" + ] + } + + autoMigrate: true config: + identity: + default_schema_url: file://identity.default.schema.json dsn: postgres://kratos:kratos@single-sign-on-postgresql:5432/kratos selfservice: default_browser_return_url: https://stackspin.net - identity: - default_schema_url: base64://ewogICIkc2NoZW1hIjogImh0dHA6Ly9qc29uLXNjaGVtYS5vcmcvZHJhZnQtMDcvc2NoZW1hIyIsCiAgInR5cGUiOiAib2JqZWN0IiwKICAicHJvcGVydGllcyI6IHsKICAgICJiYXIiOiB7CiAgICAgICJ0eXBlIjogInN0cmluZyIKICAgIH0KICB9LAogICJyZXF1aXJlZCI6IFsKICAgICJiYXIiCiAgXQp9 + secrets: session: - a password goes here - a secred goes here log: - level: trace + level: info courier: smtp: connection_uri: smtps://kratos:kratos@smtp.greenhost.nl:465/ -- GitLab
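Review bot: The `postgresql` and `kratos` config blocks still carry literal credentials in the chart's default values: `postgresqlPassword: kratos`, the same password inside `dsn`, the placeholder strings under `secrets.session`, and the user and password in `courier.smtp.connection_uri` (most of these appear to be context lines the commit leaves unchanged). An install without overrides would come up with a database password and secrets that anyone with access to the repository can read. Consider leaving these keys empty in values.yaml and supplying them at deploy time from a Kubernetes Secret or an untracked values file, with a comment such as `# set at deploy time from a secret; do not commit real values`. The new `image.tag: v0.7.3-alpha.1` is a tag rather than a digest, so pinning the digest as well would make the deployed identity service reproducible.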