From 3c4fcd5faa914ea7270d8b48fbb263056afd5e40 Mon Sep 17 00:00:00 2001 From: Moritz Heuser Date: Wed, 4 May 2022 00:10:59 +0200 Subject: [PATCH 1/2] feat: Otional configMap for config feat: Optional configMap for config feat: Optional configMap for config feat: Optional configMap for config chore: Updated version and docs chore: working on release action Revert "chore: Updated version and docs" This reverts commit 78e551c89e38f1d2034d0afc3a7cbf8cb012b7a5. chore: Updated version and docs Revert "chore: working on release action" This reverts commit 7d68e183f213056774ad7bbae48369ff463b8dce. --- charts/dex/Chart.yaml | 2 +- charts/dex/README.md | 9 ++++++--- charts/dex/templates/_helpers.tpl | 11 +++++++++++ charts/dex/templates/configmap.yaml | 11 +++++++++++ charts/dex/templates/deployment.yaml | 6 ++++++ charts/dex/templates/secret.yaml | 2 +- charts/dex/values.yaml | 19 +++++++++++++++++++ 7 files changed, 55 insertions(+), 5 deletions(-) create mode 100644 charts/dex/templates/configmap.yaml diff --git a/charts/dex/Chart.yaml b/charts/dex/Chart.yaml index 5a656cde..b8f61439 100644 --- a/charts/dex/Chart.yaml +++ b/charts/dex/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 type: application name: dex -version: 0.8.2 +version: 0.9.0 appVersion: "2.31.1" kubeVersion: ">=1.14.0-0" description: OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors. diff --git a/charts/dex/README.md b/charts/dex/README.md index 018e3e26..d2bba9c0 100644 --- a/charts/dex/README.md +++ b/charts/dex/README.md @@ -1,6 +1,6 @@ # dex -![version: 0.8.2](https://img.shields.io/badge/version-0.8.2-informational?style=flat-square) ![type: application](https://img.shields.io/badge/type-application-informational?style=flat-square) ![app version: 2.31.1](https://img.shields.io/badge/app%20version-2.31.1-informational?style=flat-square) ![kube version: >=1.14.0-0](https://img.shields.io/badge/kube%20version->=1.14.0--0-informational?style=flat-square) [![artifact hub](https://img.shields.io/badge/artifact%20hub-dex-informational?style=flat-square)](https://artifacthub.io/packages/helm/dex/dex) +![version: 0.9.0](https://img.shields.io/badge/version-0.9.0-informational?style=flat-square) ![type: application](https://img.shields.io/badge/type-application-informational?style=flat-square) ![app version: 2.31.1](https://img.shields.io/badge/app%20version-2.31.1-informational?style=flat-square) ![kube version: >=1.14.0-0](https://img.shields.io/badge/kube%20version->=1.14.0--0-informational?style=flat-square) [![artifact hub](https://img.shields.io/badge/artifact%20hub-dex-informational?style=flat-square)](https://artifacthub.io/packages/helm/dex/dex) OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors. @@ -120,8 +120,11 @@ ingress: | hostAliases | list | `[]` | A list of hosts and IPs that will be injected into the pod's hosts file if specified. See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#hostname-and-name-resolution) | | https.enabled | bool | `false` | Enable the HTTPS endpoint. | | grpc.enabled | bool | `false` | Enable the gRPC endpoint. Read more in the [documentation](https://dexidp.io/docs/api/). | -| configSecret.create | bool | `true` | Enable creating a secret from the values passed to `config`. If set to false, name must point to an existing secret. | -| configSecret.name | string | `""` | The name of the secret to mount as configuration in the pod. If not set and create is true, a name is generated using the fullname template. Must point to secret that contains at least a `config.yaml` key. | +| configType | string | `"secret"` | The manifest type from which the content of the `config` should be resolved from. Can be `secret` or `configMap`. | +| configSecret.create | bool | `true` | Enable creating a secret from the values passed to `config`. If set to false, name must point to an existing secret. Only active when `configType` is `secret`. | +| configSecret.name | string | `""` | The name of the secret to mount as configuration in the pod. If not set and create is true, a name is generated using the fullname template. Must point to secret that contains at least a `config.yaml` key. Only active when `configType` is `secret`. | +| configMap.create | bool | `true` | Enable creating a configMap from the values passed to `config`. If set to false, name must point to an existing config map. Only active when `configType` is `configMap`. | +| configMap.name | string | `""` | The name of the configMap to mount as configuration in the pod. If not set and create is true, a name is generated using the fullname template. Must point to configMap that contains at least a `config.yaml` key. Only active when `configType` is `configMap`. | | config | object | `{}` | Application configuration. See the [official documentation](https://dexidp.io/docs/). | | volumes | list | `[]` | Additional storage [volumes](https://kubernetes.io/docs/concepts/storage/volumes/). See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#volumes-1) for details. | | volumeMounts | list | `[]` | Additional [volume mounts](https://kubernetes.io/docs/tasks/configure-pod-container/configure-volume-storage/). See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#volumes-1) for details. | diff --git a/charts/dex/templates/_helpers.tpl b/charts/dex/templates/_helpers.tpl index b50e7207..2eb63c39 100644 --- a/charts/dex/templates/_helpers.tpl +++ b/charts/dex/templates/_helpers.tpl @@ -71,3 +71,14 @@ Create the name of the secret containing the config file to use {{- default "default" .Values.configSecret.name }} {{- end }} {{- end }} + +{{/* +Create the name of the configMap containing the config file to use +*/}} +{{- define "dex.configMapName" -}} +{{- if .Values.configMap.create }} +{{- default (include "dex.fullname" .) .Values.configMap.name }} +{{- else }} +{{- default "default" .Values.configMap.name }} +{{- end }} +{{- end }} diff --git a/charts/dex/templates/configmap.yaml b/charts/dex/templates/configmap.yaml new file mode 100644 index 00000000..2a4dc162 --- /dev/null +++ b/charts/dex/templates/configmap.yaml @@ -0,0 +1,11 @@ +{{- if and (eq .Values.configType "configMap") .Values.configSecret.create -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "dex.configMapName" . }} + labels: + {{- include "dex.labels" . | nindent 4 }} +data: + config.yaml: | +{{ .Values.config | toYaml | indent 4 }} +{{- end }} diff --git a/charts/dex/templates/deployment.yaml b/charts/dex/templates/deployment.yaml index 1f3ad4b8..632a0c9d 100644 --- a/charts/dex/templates/deployment.yaml +++ b/charts/dex/templates/deployment.yaml @@ -110,9 +110,15 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} volumes: + {{- if eq .Values.configType "secret" }} - name: config secret: secretName: {{ include "dex.configSecretName" . }} + {{- else if eq .Values.configType "configMap" }} + - name: config + configMap: + mame: {{ include "dex.configMapName" . }} + {{- end }} {{- with .Values.volumes }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/dex/templates/secret.yaml b/charts/dex/templates/secret.yaml index 27d39546..25513744 100644 --- a/charts/dex/templates/secret.yaml +++ b/charts/dex/templates/secret.yaml @@ -1,4 +1,4 @@ -{{- if .Values.configSecret.create -}} +{{- if and (eq .Values.configType "secret") .Values.configSecret.create -}} apiVersion: v1 kind: Secret metadata: diff --git a/charts/dex/values.yaml b/charts/dex/values.yaml index f879cdf3..24df5c34 100644 --- a/charts/dex/values.yaml +++ b/charts/dex/values.yaml @@ -37,14 +37,33 @@ grpc: # Read more in the [documentation](https://dexidp.io/docs/api/). enabled: false + +# -- The manifest type from which the content of the `config` should be resolved from. +# Can be `secret` or `configMap`. +configType: secret + configSecret: # -- Enable creating a secret from the values passed to `config`. # If set to false, name must point to an existing secret. + # Only active when `configType` is `secret`. create: true # -- The name of the secret to mount as configuration in the pod. # If not set and create is true, a name is generated using the fullname template. # Must point to secret that contains at least a `config.yaml` key. + # Only active when `configType` is `secret`. + name: "" + +configMap: + # -- Enable creating a configMap from the values passed to `config`. + # If set to false, name must point to an existing config map. + # Only active when `configType` is `configMap`. + create: true + + # -- The name of the configMap to mount as configuration in the pod. + # If not set and create is true, a name is generated using the fullname template. + # Must point to configMap that contains at least a `config.yaml` key. + # Only active when `configType` is `configMap`. name: "" # -- Application configuration. From 80815e9357b1a2c8ff2f481e7efa41542a3a0f7e Mon Sep 17 00:00:00 2001 From: Moritz Heuser Date: Wed, 4 May 2022 02:40:54 +0200 Subject: [PATCH 2/2] fix: typo on configmap volume mount --- charts/dex/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/dex/templates/deployment.yaml b/charts/dex/templates/deployment.yaml index 632a0c9d..055519d0 100644 --- a/charts/dex/templates/deployment.yaml +++ b/charts/dex/templates/deployment.yaml @@ -117,7 +117,7 @@ spec: {{- else if eq .Values.configType "configMap" }} - name: config configMap: - mame: {{ include "dex.configMapName" . }} + name: {{ include "dex.configMapName" . }} {{- end }} {{- with .Values.volumes }} {{- toYaml . | nindent 8 }}