feat: use hydra-maester fork

see https://github.com/ory/hydra-maester/issues/151
Merge pull request 'feat(redis): manage limits' (#60 ) from feat/redis_limits into unstable
2025-03-07 16:48:00 +01:00 · 2025-02-21 14:43:22 +01:00 · 2025-02-21 14:34:06 +01:00 · 2025-02-19 14:55:24 +01:00 · 2025-02-19 14:43:25 +01:00 · 2025-02-19 11:27:49 +01:00
8 changed files with 31 additions and 3 deletions
--- a/components/hydra-ldap/kustomization.yaml
+++ b/components/hydra-ldap/kustomization.yaml
@ -7,6 +7,7 @@ resources:

 configMapGenerator:
  - name: hydra-ldap-env
+    behavior: create
    literals:
      - WERTHER_DEV_MODE=false
      - WERTHER_LDAP_ROLE_CLAIM="https://hydra/claims/roles"
@ -21,6 +22,7 @@ configMapGenerator:

 secretGenerator:
  - name: hydra-ldap-sc
+    behavior: create
    literals:
      - WERTHER_LDAP_BINDDN="cn=reader,o=test,c=fr"
      - WERTHER_LDAP_BINDPW=ThisMustBeAbsolutelyChanged
--- a/components/oidc-test/resources/oauth2-client.yaml
+++ b/components/oidc-test/resources/oauth2-client.yaml
@ -16,3 +16,4 @@ spec:
    - https://example.net/oauth2/callback
  postLogoutRedirectUris:
    - https://example.net
+  userInfoSignedResponseAlg: "RS256"
--- a/components/redis/configurations/redis-conf.yaml
+++ b/components/redis/configurations/redis-conf.yaml
@ -0,0 +1,5 @@
+nameReference:
+  - kind: ConfigMap
+    fieldSpecs:
+      - kind: Redis
+        path: spec/redisConfig/additionalRedisConfig
--- a/components/redis/files/redis-additional.conf
+++ b/components/redis/files/redis-additional.conf
@ -0,0 +1,3 @@
+maxmemory-policy allkeys-lru
+maxmemory 1536mb
+tcp-keepalive 90
--- a/components/redis/kustomization.yaml
+++ b/components/redis/kustomization.yaml
@ -1,9 +1,17 @@
 apiVersion: kustomize.config.k8s.io/v1alpha1
 kind: Component

+configurations:
+  - ./configurations/redis-conf.yaml
+
 resources:
  - ./resources/redis-sso.yaml

+configMapGenerator:
+- name: redis-sso-extra-conf
+  files:
+    - ./files/redis-additional.conf
+
 patches:
  - path: ./patches/hydra-apps.yaml
    target:
--- a/components/redis/resources/redis-sso.yaml
+++ b/components/redis/resources/redis-sso.yaml
@ -6,6 +6,15 @@ spec:
  kubernetesConfig:
    image: reg.cadoles.com/quay/opstree/redis:v7.0.15
    imagePullPolicy: IfNotPresent
+    resources:
+      requests:
+        cpu: 500m
+        memory: 1024Mi
+      limits:
+        cpu: 2000m
+        memory: 2048Mi
+  redisConfig:
+    additionalRedisConfig: redis-sso-extra-conf
  storage:
    volumeClaimTemplate:
      spec:
@ -16,4 +25,3 @@ spec:
            storage: 1Gi
  securityContext:
    runAsUser: 1000
-    fsGroup: 1000
--- a/examples/k8s/kind/cluster/kustomization.yaml
+++ b/examples/k8s/kind/cluster/kustomization.yaml
@ -1,11 +1,12 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - https://forge.cadoles.com/CadolesKube/c-kustom//crds?ref=develop
+  - https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.31.0/crds.yaml
  - https://github.com/cert-manager/cert-manager/releases/download/v1.10.0/cert-manager.yaml
  - ./resources/olm
  - https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
  - https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
+  - https://forge.cadoles.com/CadolesKube/hydra-maester//config/crd?ref=issue-151

 patches:
  - path: patches/nginx-controller.yaml
--- a/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml
+++ b/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml
@ -26,7 +26,7 @@ spec:
    spec:
      containers:
        - name: hydra-maester
-          image: reg.cadoles.com/proxy_cache/oryd/hydra-maester:v0.0.25
+          image: reg.cadoles.com/wpetit/hydra-maester:latest
          imagePullPolicy: IfNotPresent
          envFrom:
            - configMapRef:
Author	SHA1	Message	Date
William Petit	e372ffdbcf	feat: use hydra-maester fork see https://github.com/ory/hydra-maester/issues/151	2025-03-07 16:48:00 +01:00
wpetit	f300b91316	Merge pull request 'feat(redis): manage limits' (#60 ) from feat/redis_limits into unstable Reviewed-on: #60	2025-02-21 14:43:22 +01:00
Laurent Gourvénec	30ba1f4d5a	feat(redis): manage limits	2025-02-21 14:34:06 +01:00
wpetit	d9bdbccfe4	Merge pull request 'fix(redis): fsGroup in security context is not applied' (#59 ) from fix/redis_fsgroup into unstable Reviewed-on: #59	2025-02-19 14:55:24 +01:00
Laurent Gourvénec	2d329501c0	fix(redis): fsGroup in security context is not applied The fsGroup is not applied to configuration of the pod and it's disturbing flux.	2025-02-19 14:43:25 +01:00
wpetit	dc2c97c7f6	Merge pull request 'fix(hydra-ldap): adding behavior to secret and CM generators' (#57 ) from fix/hydra_ldap_flux into unstable Reviewed-on: #57	2025-02-19 11:27:49 +01:00
Laurent Gourvénec	c9d8917e6c	fix(hydra-ldap): adding behavior to secret and CM generators	2025-02-19 11:22:36 +01:00