Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

charts: Provide 3 options for oidc configuration #1920

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

charts: Provide 3 options for oidc configuration #1920

wants to merge 1 commit into from

Conversation

knrt10
Copy link
Contributor

@knrt10 knrt10 commented Apr 22, 2024
edited

Now users have 3 different way they can set oidc configuration

  • Directly set values of respective config.oidc.clientID and others which inject them into ENV variable, to be used by args.
  • Use external i.e. already created secret with the same keys as args.
  • Use config.oidc.secret.create functionality to create secret and have them dynamically loaded into the headlamp deployment.

Fixes: #1897

Testing

Scenario 1

This is when user just want to use ENV variables directly.

  • Set values of config.oidc. clientID, clientSecret, issuerURL, scopes in values.yaml and set config.oidc.secret as false
  • Run helm template charts/headlamp

Scenario 2

This is when user wants to use external secret created by them

  • Create a new secret with above config.oidc values. For reference check template/secret.yaml. Then create it in your k8s cluster using kubectl command.
  • Set config.oidc.secret as false and set config.oidc.externalSecret as true and also the name of secret.
  • Run helm template charts/headlamp

Scenario 3

This is when user want to use the secret created by headlamp

  • Set values of config.oidc. clientID, clientSecret, issuerURL, scopes in values.yaml and set config.oidc.secret as true
  • Run helm template charts/headlamp

@knrt10 knrt10 requested review from illume and yolossn April 22, 2024 06:35
illume
illume reviewed Apr 22, 2024
View reviewed changes
Copy link
Contributor

@illume illume left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice one.

Could you please mention what testing was done in the PR description?

I see documentation inline, but perhaps this needs to be documented somewhere in docs/ as well?

Did you look at how the bitnami charts for redis/mongo/postgresql are done?
I see they use examples and document paramaters in detail https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml#L1635
Also they have a values.schema.json https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.schema.json

@knrt10
Copy link
Contributor Author

knrt10 commented Apr 22, 2024

Thanks for the review. I did find the parama docs used by bitnami to be useful. Will do that and add these to the documentation someplace

@illume
Copy link
Contributor

illume commented Apr 24, 2024

I added a separate issue for adding a json schema to the chart #1926 if that is out of scope for this PR.

@knrt10 knrt10 requested a review from illume April 29, 2024 07:21
joaquimrocha
joaquimrocha requested changes May 8, 2024
View reviewed changes
Copy link
Collaborator

@joaquimrocha joaquimrocha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a comment about some of the logic used. Can you also add the template tests for this?

charts/headlamp/templates/deployment.yaml Outdated Show resolved Hide resolved
charts/headlamp/templates/deployment.yaml Outdated Show resolved Hide resolved
@illume illume marked this pull request as draft May 13, 2024 08:59
@knrt10 knrt10 requested a review from joaquimrocha May 14, 2024 07:37
@knrt10 knrt10 marked this pull request as ready for review May 14, 2024 07:38
@knrt10 knrt10 added this to the v0.24.0 milestone May 14, 2024
@knrt10 knrt10 requested a review from illume May 20, 2024 04:47
@knrt10
charts: Provide 3 options for oidc configuration
d687cc8 
Now users have 3 different way they can set oidc configuration

- Directly set values of respective config.oidc.clientID and others
  which inject them into ENV variable, to be used by args.
- Use external i.e. already created secret with the same keys as args.
- Use config.oidc.secret.create functionality to create secret and have
  them dynamically loaded into the headlamp deployment.

Fixes: #1897
Signed-off-by: Kautilya Tripathi <[email protected]>
illume
illume approved these changes May 23, 2024
View reviewed changes
Copy link
Contributor

@illume illume left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@illume illume illume approved these changes

@yolossn yolossn Awaiting requested review from yolossn

@joaquimrocha joaquimrocha Awaiting requested review from joaquimrocha

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.24.0
Development

Successfully merging this pull request may close these issues.

Illogical behaviour with oidc
3 participants
@knrt10 @illume @joaquimrocha