Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 320d494e8d | |||
| 1c5eb098f8 | |||
| 3aedee1f9f | |||
| c184fc6b9c | |||
| 86754cf518 |
@ -7,7 +7,7 @@ resources:
|
||||
- ./resources/oauth2-client.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: oidc-test
|
||||
- name: oidc-test-env
|
||||
literals:
|
||||
- LOG_LEVEL=0
|
||||
- HTTP_ADDRESS=0.0.0.0:8080
|
||||
|
||||
@ -17,23 +17,23 @@ spec:
|
||||
app.kubernetes.io/name: oidc-test
|
||||
spec:
|
||||
containers:
|
||||
- image: reg.cadoles.com/cadoles/oidc-test:2023.12.6-stable.1502.ebfd504
|
||||
name: oidc-test
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
resources: {}
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: oidc-test
|
||||
env:
|
||||
- name: OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: oidc-test-oauth2-client
|
||||
key: client_id
|
||||
- name: OIDC_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: oidc-test-oauth2-client
|
||||
key: client_secret
|
||||
- image: reg.cadoles.com/cadoles/oidc-test:2023.12.6-stable.1502.ebfd504
|
||||
name: oidc-test
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
resources: {}
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: oidc-test-env
|
||||
env:
|
||||
- name: OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: oidc-test-oauth2-client
|
||||
key: CLIENT_ID
|
||||
- name: OIDC_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: oidc-test-oauth2-client
|
||||
key: CLIENT_SECRET
|
||||
restartPolicy: Always
|
||||
|
||||
@ -10,7 +10,6 @@ resources:
|
||||
- ./resources/hydra-migrate-job.yaml
|
||||
- ./resources/hydra-maester
|
||||
- ./resources/hydra-janitor-cronjob.yaml
|
||||
- ./resources/hydra-hpa.yaml
|
||||
|
||||
secretGenerator:
|
||||
- name: hydra-secret
|
||||
|
||||
@ -55,9 +55,6 @@ spec:
|
||||
name: hydra-public
|
||||
- containerPort: 4445
|
||||
name: hydra-admin
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
resources: {}
|
||||
restartPolicy: Always
|
||||
|
||||
|
||||
@ -1,26 +0,0 @@
|
||||
apiVersion: autoscaling/v2
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: hydra
|
||||
labels:
|
||||
io.kompose.service: hydra
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
name: hydra
|
||||
minReplicas: 1
|
||||
maxReplicas: 3
|
||||
metrics:
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: 80
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: 80
|
||||
@ -2,14 +2,14 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- ./resources/hydra-maester-deployment.yaml
|
||||
- ./resources/hydra-maester-rbac.yaml
|
||||
- https://raw.githubusercontent.com/ory/k8s/v0.28.2/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
|
||||
- ./resources/hydra-maester-deployment.yaml
|
||||
- ./resources/hydra-maester-rbac.yaml
|
||||
#- https://raw.githubusercontent.com/ory/k8s/v0.28.2/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: hydra-maester-env
|
||||
literals:
|
||||
- APP_ENV=prod
|
||||
- APP_DEBUG=false
|
||||
- HYDRA_ADMIN_BASE_URL=http://hydra
|
||||
- HYDRA_ADMIN_PORT=4445
|
||||
- name: hydra-maester-env
|
||||
literals:
|
||||
- APP_ENV=prod
|
||||
- APP_DEBUG=false
|
||||
- HYDRA_ADMIN_BASE_URL=http://hydra
|
||||
- HYDRA_ADMIN_PORT=4445
|
||||
|
||||
@ -1,4 +1,3 @@
|
||||
---
|
||||
# Source: hydra/charts/hydra-maester/templates/deployment.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
@ -7,7 +6,7 @@ metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: hydra-maester
|
||||
app.kubernetes.io/instance: hydra-master
|
||||
app.kubernetes.io/version: "v0.0.23"
|
||||
app.kubernetes.io/version: "v0.0.32"
|
||||
spec:
|
||||
replicas: 1
|
||||
revisionHistoryLimit: 10
|
||||
@ -25,32 +24,31 @@ spec:
|
||||
annotations:
|
||||
spec:
|
||||
containers:
|
||||
- name: hydra-maester
|
||||
image: reg.cadoles.com/proxy_cache/oryd/hydra-maester:v0.0.25
|
||||
imagePullPolicy: IfNotPresent
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: hydra-maester-env
|
||||
command:
|
||||
- /manager
|
||||
args:
|
||||
- --metrics-addr=127.0.0.1:8080
|
||||
- --hydra-url=$(HYDRA_ADMIN_BASE_URL)
|
||||
- --hydra-port=$(HYDRA_ADMIN_PORT)
|
||||
- --endpoint=/admin/clients
|
||||
resources:
|
||||
{}
|
||||
terminationMessagePath: /dev/termination-log
|
||||
terminationMessagePolicy: File
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
privileged: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
- name: hydra-maester
|
||||
image: reg.cadoles.com/proxy_cache/oryd/hydra-maester:v0.0.32-amd64
|
||||
imagePullPolicy: IfNotPresent
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: hydra-maester-env
|
||||
command:
|
||||
- /manager
|
||||
args:
|
||||
- --metrics-addr=127.0.0.1:8080
|
||||
- --hydra-url=$(HYDRA_ADMIN_BASE_URL)
|
||||
- --hydra-port=$(HYDRA_ADMIN_PORT)
|
||||
- --endpoint=/admin/clients
|
||||
resources: {}
|
||||
terminationMessagePath: /dev/termination-log
|
||||
terminationMessagePolicy: File
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
privileged: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
serviceAccountName: hydra-maester-account
|
||||
automountServiceAccountToken: true
|
||||
nodeSelector:
|
||||
|
||||
Reference in New Issue
Block a user