Compare commits

..

24 Commits

Author SHA1 Message Date
wpetit 435597f9f1 feat(hydra-dispatcher): update image tag 2023-12-11 10:47:56 +01:00
Matthieu Lamalle ee2bb1ea45 update hydra-dispatcher probes and image ref 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 63c5d7259c add probes 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 815917c306 add hydra-sql deployment 2023-12-11 10:47:56 +01:00
Philippe Caseiro bc6fe46e1c fix(saml): fixing port name longer than 15c 2023-12-11 10:47:56 +01:00
Philippe Caseiro 1b1cc27916 feat(hydra-sql): adding new hydra login app 2023-12-11 10:47:56 +01:00
Matthieu Lamalle d37e85000f set correct tag for hydra-oidc 2023-12-11 10:47:56 +01:00
Matthieu Lamalle d9570ec8d0 add imagepullpolicy rule 2023-12-11 10:47:56 +01:00
Matthieu Lamalle d56ae059a3 remove loginapp default app configmap 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 5ec48c8b22 update config default apps filename 2023-12-11 10:47:56 +01:00
Matthieu Lamalle aaae6e2f20 set default configuration 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 081e854454 correciton config 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 3dba6c0d69 set hydra-oidc side container 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 8c6dc30bde set hydra-dispatcher side container 2023-12-11 10:47:56 +01:00
Matthieu Lamalle 4ff0f83880 set hydra-dispatcher side container 2023-12-11 10:47:56 +01:00
Matthieu Lamalle e93bc069d3 set correct path for hydra-dispatcher conf 2023-12-11 10:47:56 +01:00
Matthieu Lamalle a56089efe5 Utilisation images symfony-containers 2023-12-11 10:47:56 +01:00
wpetit c4998279d5 Merge pull request 'feat(component): adding hydra-ldap' (#6) from f/werther into master
Reviewed-on: #6
2023-12-11 10:13:18 +01:00
wpetit 6de80b1d9c fix(hydra-ldap): update werther secret name references 2023-12-11 10:06:37 +01:00
wpetit 2f3cf60974 fix(hydra-ldap): update werther container port name 2023-12-11 09:56:27 +01:00
wpetit bf865b02e2 feat(hydra-ldap): rename resources from werther to hydra-ldap 2023-12-11 09:50:33 +01:00
Laurent Gourvenec 063b575117 feat(werther): update image 2023-12-06 15:38:40 +01:00
Laurent Gourvenec 38d3f1c1df feat(werther): adding a timeout for LDAP connection 2023-12-06 14:40:24 +01:00
Laurent Gourvenec 6acda0553e feat(component): adding werther 2023-11-29 10:22:33 +01:00
3 changed files with 94 additions and 0 deletions

View File

@ -0,0 +1,26 @@
apiVersion: kustomize.config.k8s.io/v1alpha1
kind: Component
resources:
- ./resources/deployment.yaml
- ./resources/service.yaml
configMapGenerator:
- name: hydra-ldap-env
literals:
- WERTHER_DEV_MODE=false
- WERTHER_LDAP_ROLE_CLAIM="https://hydra/claims/roles"
- WERTHER_SKIP_SSL_VERIFICATIONS=false
- WERTHER_IDENTP_CLAIM_SCOPES="name:profile,family_name:profile,given_name:profile,email:email,https%3A%2F%2Fhydra%2Fclaims%2Froles:roles"
- WERTHER_IDENTP_HYDRA_URL="http://hydra:4444"
- WERTHER_LDAP_ENDPOINTS="ldap.test.fr:636"
- WERTHER_LDAP_IS_TLS=true
- WERTHER_LDAP_BASEDN="o=test,c=fr"
- WERTHER_LDAP_ROLE_BASEDN="ou=groups,o=test,c=fr"
- WERTHER_LDAP_CONNECTION_TIMEOUT="10s"
secretGenerator:
- name: hydra-ldap-sc
literals:
- WERTHER_LDAP_BINDDN="cn=reader,o=test,c=fr"
- WERTHER_LDAP_BINDPW=ThisMustBeAbsolutelyChanged

View File

@ -0,0 +1,51 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: hydra-ldap
namespace: default
labels:
app.kubernetes.io/name: hydra-ldap
app.kubernetes.io/version: "v1.2.2"
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: hydra-ldap
template:
metadata:
labels:
app.kubernetes.io/name: hydra-ldap
app.kubernetes.io/version: "v1.2.2"
spec:
containers:
- name: werther
image: reg.cadoles.com/cadoles/hydra-werther:2023.12.6-stable.1421.15a4717
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: hydra-ldap-env
env:
- name: WERTHER_WEB_DIR
value: "/usr/share/werther/login/"
- name: WERTHER_LDAP_BINDDN
valueFrom:
secretKeyRef:
name: hydra-ldap-sc
key: WERTHER_LDAP_BINDDN
- name: WERTHER_LDAP_BINDPW
valueFrom:
secretKeyRef:
name: hydra-ldap-sc
key: WERTHER_LDAP_BINDPW
ports:
- containerPort: 8080
name: hydra-ldap-http
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 100

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Service
metadata:
labels:
io.kompose.service: hydra-ldap
name: hydra-ldap
spec:
type: ClusterIP
ports:
- name: hydra-ldap
port: 8080
targetPort: hydra-ldap-http
protocol: TCP
selector:
app.kubernetes.io/name: hydra-ldap
status:
loadBalancer: {}