cosmetic(oidc-test): rename CM oidc-test to oidc-test-env

feat: add oidc-test app component
fix(hydra-ldap): update werther secret name references
2023-12-11 11:19:25 +01:00 · 2023-12-11 10:46:19 +01:00 · 2023-12-11 10:46:19 +01:00 · 2023-12-11 10:46:19 +01:00 · 2023-12-11 10:46:19 +01:00 · 2023-12-11 10:46:19 +01:00
12 changed files with 71 additions and 127 deletions
--- a/components/hydra-cnpg-database/kustomization.yaml
+++ b/components/hydra-cnpg-database/kustomization.yaml
@ -29,7 +29,7 @@ vars:
  fieldref:
    fieldpath: metadata.name

-patches:
+patchesJson6902:
 - target:
    group: apps
    version: v1
@ -42,9 +42,3 @@ patches:
    kind: Job
    name: hydra-migrate
  path: patches/hydra-migrate-job.yaml
- target:
-    group: batch
-    version: v1
-    kind: CronJob
-    name: hydra-janitor
-  path: patches/hydra-janitor-cronjob.yaml
--- a/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
+++ b/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
@ -1,21 +0,0 @@
- op: add
-  path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
-  value:
-    name: HYDRA_DATABASE_USER
-    valueFrom:
-      secretKeyRef:
-        name: hydra-postgres-user
-        key: username
- op: add
-  path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
-  value:
-    name: HYDRA_DATABASE_PASSWORD
-    valueFrom:
-      secretKeyRef:
-        name: hydra-postgres-user
-        key: password
- op: add
-  path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
-  value:
-    name: DSN
-    value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable"
--- a/components/oidc-test/resources/deployment.yaml
+++ b/components/oidc-test/resources/deployment.yaml
@ -17,23 +17,23 @@ spec:
        app.kubernetes.io/name: oidc-test
    spec:
      containers:
-      - image: reg.cadoles.com/cadoles/oidc-test:2023.12.6-stable.1502.ebfd504
-        name: oidc-test
-        ports:
-        - containerPort: 8080
-        resources: {}
-        envFrom:
-        - configMapRef:
-            name: oidc-test-env
-        env:
-        - name: OIDC_CLIENT_ID
-          valueFrom:
-            secretKeyRef:
-              name: oidc-test-oauth2-client
-              key: CLIENT_ID
-        - name: OIDC_CLIENT_SECRET
-          valueFrom:
-            secretKeyRef:
-              name: oidc-test-oauth2-client
-              key: CLIENT_SECRET
+        - image: reg.cadoles.com/cadoles/oidc-test:2023.12.6-stable.1502.ebfd504
+          name: oidc-test
+          ports:
+            - containerPort: 8080
+          resources: {}
+          envFrom:
+          - configMapRef:
+              name: oidc-test-env
+          env:
+          - name: OIDC_CLIENT_ID
+            valueFrom:
+              secretKeyRef:
+                name: oidc-test-oauth2-client
+                key: client_id
+          - name: OIDC_CLIENT_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: oidc-test-oauth2-client
+                key: client_secret
      restartPolicy: Always
--- a/examples/authenticated-app/kustomization.yaml
+++ b/examples/authenticated-app/kustomization.yaml
@ -2,12 +2,19 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization

 resources:
-  - ../../overlays/full
+  - ../../overlays/base
  - ./resources/ingress.yaml
  - ./resources/saml-idp.yaml
  - ./resources/self-signed-issuer.yaml
  - ./resources/port-forwarder.yaml

+components:
+  - ../../components/hydra-cnpg-database
+  - ../../components/oidc-test
+  #- ../../components/hydra-oidc
+  - ../../components/hydra-saml
+
+
 patchesJson6902:
  - target:
      version: v1
@ -31,7 +38,7 @@ patchesJson6902:
    path: patches/hydra-secret.yaml
  - target:
      version: v1
-      kind: ConfigMap
+      kind: Secret
      name: oidc-test
    path: patches/oidc-test.yaml
  - target:
--- a/examples/authenticated-app/patches/oidc-test-oauth2-client.yaml
+++ b/examples/authenticated-app/patches/oidc-test-oauth2-client.yaml
@ -3,4 +3,4 @@
  value: https://ssokustom/oauth2/callback
 - op: replace
  path: "/spec/postLogoutRedirectUris/0"
-  value: https://ssokustom
+  value: https://ssokustom/oauth2/callback
--- a/examples/authenticated-app/patches/oidc-test.yaml
+++ b/examples/authenticated-app/patches/oidc-test.yaml
@ -1,3 +1,6 @@
+- op: replace
+  path: "/data/LOG_LEVEL"
+  value: 0
 - op: replace
  path: "/data/OIDC_REDIRECT_URL"
  value: https://ssokustom/oauth2/callback
--- a/kustomization.yaml
+++ b/kustomization.yaml
@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
- ./overlays/base
--- a/overlays/full/kustomization.yaml
+++ b/overlays/full/kustomization.yaml
@ -13,5 +13,4 @@ components:
 - ../../components/hydra-cnpg-database
 - ../../components/hydra-oidc
 - ../../components/hydra-saml
- ../../components/hydra-sql
- ../../components/oidc-test
+- ../../components/hydra-sql
--- a/resources/hydra/kustomization.yaml
+++ b/resources/hydra/kustomization.yaml
@ -9,7 +9,6 @@ resources:
  - ./resources/hydra-serviceaccount.yaml
  - ./resources/hydra-migrate-job.yaml
  - ./resources/hydra-maester
-  - ./resources/hydra-janitor-cronjob.yaml

 secretGenerator:
  - name: hydra-secret
--- a/resources/hydra/resources/hydra-janitor-cronjob.yaml
+++ b/resources/hydra/resources/hydra-janitor-cronjob.yaml
@ -1,34 +0,0 @@
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  name: hydra-janitor
-  labels:
-    app.kubernetes.io/name: hydra-janitor
-spec:
-  concurrencyPolicy: Forbid
-  schedule: "0 */1 * * *"
-  jobTemplate:
-    spec:
-      template:
-        metadata:
-          labels:
-            app.kubernetes.io/name: hydra-janitor
-        spec:
-          restartPolicy: OnFailure
-          serviceAccountName: hydra-sa
-          containers:
-            - name: janitor
-              image: reg.cadoles.com/proxy_cache/oryd/hydra:v2.0.3
-              envFrom:
-              - configMapRef:
-                  name: hydra-env
-              imagePullPolicy: IfNotPresent
-              command: ["hydra"]
-              env: []
-              args:
-                - janitor
-                - --read-from-env
-                - --grants
-                - --requests
-                - --tokens
-              resources: {}
--- a/resources/hydra/resources/hydra-maester/kustomization.yaml
+++ b/resources/hydra/resources/hydra-maester/kustomization.yaml
@ -2,14 +2,14 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization

 resources:
- ./resources/hydra-maester-deployment.yaml
- ./resources/hydra-maester-rbac.yaml
-#- https://raw.githubusercontent.com/ory/k8s/v0.28.2/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
+  - ./resources/hydra-maester-deployment.yaml
+  - ./resources/hydra-maester-rbac.yaml
+  - https://raw.githubusercontent.com/ory/k8s/v0.28.2/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml

 configMapGenerator:
- name: hydra-maester-env
-  literals:
-  - APP_ENV=prod
-  - APP_DEBUG=false
-  - HYDRA_ADMIN_BASE_URL=http://hydra
-  - HYDRA_ADMIN_PORT=4445
+  - name: hydra-maester-env
+    literals:
+      - APP_ENV=prod
+      - APP_DEBUG=false
+      - HYDRA_ADMIN_BASE_URL=http://hydra
+      - HYDRA_ADMIN_PORT=4445
--- a/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml
+++ b/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml
@ -1,3 +1,4 @@
+---
 # Source: hydra/charts/hydra-maester/templates/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
@ -6,7 +7,7 @@ metadata:
  labels:
    app.kubernetes.io/name: hydra-maester
    app.kubernetes.io/instance: hydra-master
-    app.kubernetes.io/version: "v0.0.32"
+    app.kubernetes.io/version: "v0.0.23"
 spec:
  replicas: 1
  revisionHistoryLimit: 10
@ -24,31 +25,32 @@ spec:
      annotations:
    spec:
      containers:
-      - name: hydra-maester
-        image: reg.cadoles.com/proxy_cache/oryd/hydra-maester:v0.0.32-amd64
-        imagePullPolicy: IfNotPresent
-        envFrom:
-        - configMapRef:
-            name: hydra-maester-env
-        command:
-        - /manager
-        args:
-        - --metrics-addr=127.0.0.1:8080
-        - --hydra-url=$(HYDRA_ADMIN_BASE_URL)
-        - --hydra-port=$(HYDRA_ADMIN_PORT)
-        - --endpoint=/admin/clients
-        resources: {}
-        terminationMessagePath: /dev/termination-log
-        terminationMessagePolicy: File
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-            - ALL
-          privileged: false
-          readOnlyRootFilesystem: true
-          runAsNonRoot: true
-          runAsUser: 1000
+        - name: hydra-maester
+          image: reg.cadoles.com/proxy_cache/oryd/hydra-maester:v0.0.25
+          imagePullPolicy: IfNotPresent
+          envFrom:
+            - configMapRef:
+                name: hydra-maester-env
+          command:
+            - /manager
+          args:
+            - --metrics-addr=127.0.0.1:8080
+            - --hydra-url=$(HYDRA_ADMIN_BASE_URL)
+            - --hydra-port=$(HYDRA_ADMIN_PORT)
+            - --endpoint=/admin/clients
+          resources:
+            {}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+              - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsNonRoot: true
+            runAsUser: 1000
      serviceAccountName: hydra-maester-account
      automountServiceAccountToken: true
      nodeSelector:
Author	SHA1	Message	Date
Laurent Gourvénec	02a6cdd035	cosmetic(oidc-test): rename CM oidc-test to oidc-test-env	2023-12-11 11:19:25 +01:00
William Petit	ad1c9d2bc3	feat: add oidc-test app component	2023-12-11 10:46:19 +01:00
William Petit	ddbedf45ee	fix(hydra-ldap): update werther secret name references	2023-12-11 10:46:19 +01:00
William Petit	fec08c3d50	fix(hydra-ldap): update werther container port name	2023-12-11 10:46:19 +01:00
William Petit	2db406470a	feat(hydra-ldap): rename resources from werther to hydra-ldap	2023-12-11 10:46:19 +01:00
Laurent Gourvénec	60af2f7a7f	feat(werther): update image	2023-12-11 10:46:19 +01:00
Laurent Gourvénec	d557eae1c2	feat(werther): adding a timeout for LDAP connection	2023-12-11 10:46:19 +01:00
Laurent Gourvénec	d43645dcdd	feat(component): adding werther	2023-12-11 10:46:19 +01:00
wpetit	c24f40d45f	Merge pull request 'Utilisations des images symfony-containers' (#2 ) from symfony-containers into develop Reviewed-on: #2	2023-11-17 17:06:17 +01:00
William Petit	93895720d9	feat(hydra-dispatcher): update image tag	2023-11-17 17:03:40 +01:00
Matthieu Lamalle	c0865d9bf6	update hydra-dispatcher probes and image ref	2023-11-08 09:44:08 +01:00
Matthieu Lamalle	87bbdcdd55	add probes	2023-11-08 09:44:08 +01:00
Matthieu Lamalle	61cc316e1c	add hydra-sql deployment	2023-11-08 09:44:08 +01:00
Philippe Caseiro	24b69b0146	fix(saml): fixing port name longer than 15c	2023-11-08 09:44:08 +01:00
Philippe Caseiro	62b63c2e87	feat(hydra-sql): adding new hydra login app	2023-11-08 09:43:46 +01:00
Matthieu Lamalle	1cbfa69e70	set correct tag for hydra-oidc	2023-11-08 09:43:46 +01:00
Matthieu Lamalle	56b8240e59	add imagepullpolicy rule	2023-11-08 09:43:46 +01:00
Matthieu Lamalle	3a125101e1	remove loginapp default app configmap	2023-11-08 09:43:46 +01:00
Matthieu Lamalle	738fa46970	update config default apps filename	2023-11-08 09:43:32 +01:00
Matthieu Lamalle	ff2bd411ab	set default configuration	2023-11-08 09:43:09 +01:00
Matthieu Lamalle	1f24a92dc3	correciton config	2023-11-08 09:43:09 +01:00
Matthieu Lamalle	6920de878e	set hydra-oidc side container	2023-11-08 09:42:47 +01:00
Matthieu Lamalle	aab1770988	set hydra-dispatcher side container	2023-11-08 09:42:47 +01:00
Matthieu Lamalle	9e897057a3	set hydra-dispatcher side container	2023-11-08 09:42:47 +01:00
Matthieu Lamalle	da756c5e07	set correct path for hydra-dispatcher conf	2023-11-08 09:42:47 +01:00
Matthieu Lamalle	a21be87c46	Utilisation images symfony-containers	2023-11-08 09:42:47 +01:00