From a21be87c46a85336abad0ac6e6d569946725c890 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Wed, 28 Jun 2023 10:14:26 +0200 Subject: [PATCH 01/18] Utilisation images symfony-containers --- components/hydra-oidc/kustomization.yaml | 4 +++- components/hydra-oidc/resources/hydra-oidc-deployment.yaml | 4 ++-- resources/hydra-dispatcher/kustomization.yaml | 2 ++ .../resources/hydra-dispatcher-deployment.yaml | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/components/hydra-oidc/kustomization.yaml b/components/hydra-oidc/kustomization.yaml index 6e6f2cb..fbbe3b8 100644 --- a/components/hydra-oidc/kustomization.yaml +++ b/components/hydra-oidc/kustomization.yaml @@ -10,6 +10,8 @@ configMapGenerator: literals: - APP_ENV=prod - APP_DEBUG=false + - PHP_FPM_MEMORY_LIMIT=256m + - NGINX_APP_SERVER_LISTEN=80 - HYDRA_ADMIN_BASE_URL=http://hydra-dispatcher - OIC_AUTHORIZE_ENDPOINT=https://oidc-idp/api/v1/authorize - OIDC_TOKEN_ENDPOINT=https://oidc-idp/api/v1/token @@ -34,4 +36,4 @@ patchesJson6902: version: v1 kind: ConfigMap name: hydra-dispatcher-env - path: patches/hydra-dispatcher-env.yaml \ No newline at end of file + path: patches/hydra-dispatcher-env.yaml diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index 11c754f..e537168 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-oidc - image: reg.cadoles.com/cadoles/hydra-oidc-v1:v0.0.0-170-g485b138 + image: reg.cadoles.com/cadoles/hydra-oidc:86ef32a-symfony-containers envFrom: - configMapRef: name: hydra-oidc-env @@ -26,4 +26,4 @@ spec: - containerPort: 80 resources: {} restartPolicy: Always - + diff --git a/resources/hydra-dispatcher/kustomization.yaml b/resources/hydra-dispatcher/kustomization.yaml index 23d854a..c44e6af 100644 --- a/resources/hydra-dispatcher/kustomization.yaml +++ b/resources/hydra-dispatcher/kustomization.yaml @@ -10,6 +10,8 @@ configMapGenerator: literals: - APP_ENV=prod - APP_DEBUG=false + - PHP_FPM_MEMORY_LIMIT=256m + - NGINX_APP_SERVER_LISTEN=80 - HYDRA_BASE_URL=http://hydra:4444 - HYDRA_ADMIN_BASE_URL=http://hydra:4445 - HYDRA_REWRITE_ISSUER=yes diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 2a049ce..8b28c20 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-dispatcher - image: reg.cadoles.com/cadoles/hydra-dispatcher-v1:v0.0.0-238-g7236416 + image: reg.cadoles.com/cadoles/hydra-dispatcher:808658d-symfony-containers envFrom: - configMapRef: name: hydra-dispatcher-env -- 2.17.1 From da756c5e070df6b31b934433c52897aceffab169 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Wed, 28 Jun 2023 10:17:34 +0200 Subject: [PATCH 02/18] set correct path for hydra-dispatcher conf --- .../hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 8b28c20..2e17452 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -23,7 +23,7 @@ spec: - configMapRef: name: hydra-dispatcher-env volumeMounts: - - mountPath: /var/www/config/hydra + - mountPath: /app/config/hydra name: hydra-dispatcher-apps ports: - containerPort: 80 -- 2.17.1 From 9e897057a3c07d3353dfd4da43e456be0283b9cd Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Fri, 30 Jun 2023 14:04:26 +0200 Subject: [PATCH 03/18] set hydra-dispatcher side container --- .../hydra-dispatcher-deployment.yaml | 35 ++++++++++++++++--- 1 file changed, 31 insertions(+), 4 deletions(-) diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 2e17452..da764fb 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -17,20 +17,47 @@ spec: io.kompose.service: hydra-dispatcher spec: containers: - - name: hydra-dispatcher - image: reg.cadoles.com/cadoles/hydra-dispatcher:808658d-symfony-containers + - name: hydra-dispatcher-php-fpm + image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 + args: ["/usr/sbin/php-fpm7", "-F", "-e"] + env: + - name: PHP_FPM_LISTEN + value: 127.0.0.1:9000 + - name: PHP_MEMORY_LIMIT + value: 128m + - name: PHP_FPM_MEMORY_LIMIT + value: 128m envFrom: - configMapRef: name: hydra-dispatcher-env volumeMounts: - mountPath: /app/config/hydra name: hydra-dispatcher-apps + resources: {} + + - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 + imagePullPolicy: Always + name: hydra-dispatcher-nginx + args: ["/usr/sbin/nginx"] + envFrom: + - configMapRef: + name: hydra-dispatcher-env + env: + - name: NGINX_APP_UPSTREAM_BACKEND_SERVER + value: 127.0.0.1:9000 + - name: NGINX_APP_ROOT + value: "/app/public/" + - name: NGINX_APP_PHP_INDEX + value: "/index.php" + - name: NGINX_ERROR_LOG_LEVEL + value: "warn" + - name: NGINX_APP_PHP_NON_FILE_PATTERN + value: "^/index\\.php(/|$)" ports: - - containerPort: 80 + - containerPort: 8080 resources: {} restartPolicy: Always volumes: - name: hydra-dispatcher-apps configMap: name: hydra-dispatcher-apps - -- 2.17.1 From aab1770988ee52a3ea8463fc96939c59ce853774 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Fri, 30 Jun 2023 14:10:07 +0200 Subject: [PATCH 04/18] set hydra-dispatcher side container --- .../resources/hydra-dispatcher-deployment.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index da764fb..1605af3 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -18,8 +18,8 @@ spec: spec: containers: - name: hydra-dispatcher-php-fpm - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 - args: ["/usr/sbin/php-fpm7", "-F", "-e"] + image: reg.cadoles.com/cadoles/hydra-dispatcher-kube:0.0.1 + args: ["/usr/sbin/php-fpm81", "-F", "-e"] env: - name: PHP_FPM_LISTEN value: 127.0.0.1:9000 @@ -35,7 +35,7 @@ spec: name: hydra-dispatcher-apps resources: {} - - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 + - image: reg.cadoles.com/cadoles/hydra-dispatcher-kube:0.0.1 imagePullPolicy: Always name: hydra-dispatcher-nginx args: ["/usr/sbin/nginx"] @@ -46,7 +46,7 @@ spec: - name: NGINX_APP_UPSTREAM_BACKEND_SERVER value: 127.0.0.1:9000 - name: NGINX_APP_ROOT - value: "/app/public/" + value: "/public/" - name: NGINX_APP_PHP_INDEX value: "/index.php" - name: NGINX_ERROR_LOG_LEVEL -- 2.17.1 From 6920de878e460dd252d53dac99236d1e6db601ca Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Fri, 30 Jun 2023 14:30:17 +0200 Subject: [PATCH 05/18] set hydra-oidc side container --- .../resources/hydra-oidc-deployment.yaml | 34 +++++++++++++++++-- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index e537168..1e07982 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -17,13 +17,41 @@ spec: io.kompose.service: hydra-oidc spec: containers: - - name: hydra-oidc - image: reg.cadoles.com/cadoles/hydra-oidc:86ef32a-symfony-containers + - name: hydra-oidc-php-fpm + image: reg.cadoles.com/cadoles/hydra-oidc-kube:0.0.1 + args: ["/usr/sbin/php-fpm81", "-F", "-e"] + env: + - name: PHP_FPM_LISTEN + value: 127.0.0.1:9000 + - name: PHP_MEMORY_LIMIT + value: 128m + - name: PHP_FPM_MEMORY_LIMIT + value: 128m envFrom: - configMapRef: name: hydra-oidc-env + resources: {} + + - image: reg.cadoles.com/cadoles/hydra-oidc-kube:0.0.1 + imagePullPolicy: Always + name: hydra-oidc-nginx + args: ["/usr/sbin/nginx"] + envFrom: + - configMapRef: + name: hydra-oidc-env + env: + - name: NGINX_APP_UPSTREAM_BACKEND_SERVER + value: 127.0.0.1:9000 + - name: NGINX_APP_ROOT + value: "/public/" + - name: NGINX_APP_PHP_INDEX + value: "/index.php" + - name: NGINX_ERROR_LOG_LEVEL + value: "warn" + - name: NGINX_APP_PHP_NON_FILE_PATTERN + value: "^/index\\.php(/|$)" ports: - - containerPort: 80 + - containerPort: 8080 resources: {} restartPolicy: Always -- 2.17.1 From 1f24a92dc30aeb10f1f0a832580b1ed806bae2d7 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Wed, 26 Jul 2023 14:45:24 +0200 Subject: [PATCH 06/18] correciton config --- components/hydra-saml/files/hydra/saml.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/components/hydra-saml/files/hydra/saml.yaml b/components/hydra-saml/files/hydra/saml.yaml index 905b3d5..518c43b 100644 --- a/components/hydra-saml/files/hydra/saml.yaml +++ b/components/hydra-saml/files/hydra/saml.yaml @@ -1,10 +1,10 @@ hydra: apps: - id: saml - title: + title: fr: Connexion SAML en: Login SAML - description: + description: fr: Authentification avec SAML en: Authentication with SAML login_url: "%env(string:HYDRA_DISPATCHER_SAML_LOGIN_URL)%" @@ -27,4 +27,4 @@ hydra: uid: required: false eduPersonAffiliation: - required: false \ No newline at end of file + required: false -- 2.17.1 From ff2bd411ab16a2b6cb1cebaf0ae5dcd4d1a7ff31 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Wed, 26 Jul 2023 15:42:16 +0200 Subject: [PATCH 07/18] set default configuration --- components/hydra-oidc/files/hydra/oidc.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/components/hydra-oidc/files/hydra/oidc.yaml b/components/hydra-oidc/files/hydra/oidc.yaml index 07b9bc4..ccabe7d 100644 --- a/components/hydra-oidc/files/hydra/oidc.yaml +++ b/components/hydra-oidc/files/hydra/oidc.yaml @@ -1,12 +1,13 @@ hydra: apps: - id: oidc - title: + title: fr: Connexion OIDC en: Login OIDC - description: + description: fr: Authentification avec OpenID Connect en: Authentication with OpenID Connect login_url: "%env(string:HYDRA_DISPATCHER_OIDC_LOGIN_URL)%" consent_url: "%env(string:HYDRA_DISPATCHER_OIDC_CONSENT_URL)%" - logout_url: "%env(string:HYDRA_DISPATCHER_OIDC_LOGOUT_URL)%" \ No newline at end of file + logout_url: "%env(string:HYDRA_DISPATCHER_OIDC_LOGOUT_URL)%" + attributes_rewrite_configuration: [] -- 2.17.1 From 738fa4697014410780e45d2010dc5bd4edd81b46 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 27 Jul 2023 10:49:42 +0200 Subject: [PATCH 08/18] update config default apps filename --- components/hydra-oidc/kustomization.yaml | 2 +- components/hydra-saml/kustomization.yaml | 2 +- resources/hydra-dispatcher/kustomization.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/hydra-oidc/kustomization.yaml b/components/hydra-oidc/kustomization.yaml index fbbe3b8..b598ede 100644 --- a/components/hydra-oidc/kustomization.yaml +++ b/components/hydra-oidc/kustomization.yaml @@ -29,7 +29,7 @@ configMapGenerator: - name: hydra-dispatcher-apps behavior: merge files: - - ./files/hydra/oidc.yaml + - apps.yaml=./files/hydra/oidc.yaml patchesJson6902: - target: diff --git a/components/hydra-saml/kustomization.yaml b/components/hydra-saml/kustomization.yaml index 50a858f..7194c92 100644 --- a/components/hydra-saml/kustomization.yaml +++ b/components/hydra-saml/kustomization.yaml @@ -37,4 +37,4 @@ patchesJson6902: version: v1 kind: ConfigMap name: hydra-dispatcher-env - path: patches/hydra-dispatcher-env.yaml \ No newline at end of file + path: patches/hydra-dispatcher-env.yaml diff --git a/resources/hydra-dispatcher/kustomization.yaml b/resources/hydra-dispatcher/kustomization.yaml index c44e6af..8bba48f 100644 --- a/resources/hydra-dispatcher/kustomization.yaml +++ b/resources/hydra-dispatcher/kustomization.yaml @@ -23,4 +23,4 @@ configMapGenerator: - APP_LOCALES=fr,en - name: hydra-dispatcher-apps files: - - ./files/hydra/default.yaml + - apps.yaml=./files/hydra/default.yaml -- 2.17.1 From 3a125101e159ea7992291941918b30d3f1468b0e Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 27 Jul 2023 14:07:30 +0200 Subject: [PATCH 09/18] remove loginapp default app configmap --- components/hydra-oidc/kustomization.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/components/hydra-oidc/kustomization.yaml b/components/hydra-oidc/kustomization.yaml index b598ede..88288e0 100644 --- a/components/hydra-oidc/kustomization.yaml +++ b/components/hydra-oidc/kustomization.yaml @@ -26,10 +26,10 @@ configMapGenerator: - CLIENT_SECRET_FC=MyClientSecret - COOKIE_PATH=/ - TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR - - name: hydra-dispatcher-apps - behavior: merge - files: - - apps.yaml=./files/hydra/oidc.yaml + # - name: hydra-dispatcher-apps + # behavior: merge + # files: + # - apps.yaml=./files/hydra/oidc.yaml patchesJson6902: - target: -- 2.17.1 From 56b8240e5952e3b824f81cd7f222fe8e3b9dd0f4 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Tue, 31 Oct 2023 11:06:32 +0100 Subject: [PATCH 10/18] add imagepullpolicy rule --- components/hydra-oidc/resources/hydra-oidc-deployment.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index 1e07982..94bddc9 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -19,6 +19,7 @@ spec: containers: - name: hydra-oidc-php-fpm image: reg.cadoles.com/cadoles/hydra-oidc-kube:0.0.1 + imagePullPolicy: Always args: ["/usr/sbin/php-fpm81", "-F", "-e"] env: - name: PHP_FPM_LISTEN -- 2.17.1 From 1cbfa69e70aba159cff9663b8fa4912c42acae8c Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Tue, 31 Oct 2023 13:08:08 +0100 Subject: [PATCH 11/18] set correct tag for hydra-oidc --- components/hydra-oidc/resources/hydra-oidc-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index 94bddc9..75f6a1c 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-oidc-php-fpm - image: reg.cadoles.com/cadoles/hydra-oidc-kube:0.0.1 + image: reg.cadoles.com/cadoles/hydra-oidc-base:0.0.1 imagePullPolicy: Always args: ["/usr/sbin/php-fpm81", "-F", "-e"] env: @@ -33,7 +33,7 @@ spec: name: hydra-oidc-env resources: {} - - image: reg.cadoles.com/cadoles/hydra-oidc-kube:0.0.1 + - image: reg.cadoles.com/cadoles/hydra-oidc-base:0.0.1 imagePullPolicy: Always name: hydra-oidc-nginx args: ["/usr/sbin/nginx"] -- 2.17.1 From 62b63c2e87a598988c32beed1d2edb4ea4e79f93 Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Mon, 12 Jun 2023 14:09:12 +0200 Subject: [PATCH 12/18] feat(hydra-sql): adding new hydra login app --- components/hydra-sql/files/sql_login.yaml | 7 ++ components/hydra-sql/kustomization.yaml | 23 ++++++ .../resources/hydra-sql-deployment.yaml | 71 +++++++++++++++++++ .../resources/hydra-sql-service.yaml | 14 ++++ kustomization.yaml | 1 + 5 files changed, 116 insertions(+) create mode 100644 components/hydra-sql/files/sql_login.yaml create mode 100644 components/hydra-sql/kustomization.yaml create mode 100644 components/hydra-sql/resources/hydra-sql-deployment.yaml create mode 100644 components/hydra-sql/resources/hydra-sql-service.yaml diff --git a/components/hydra-sql/files/sql_login.yaml b/components/hydra-sql/files/sql_login.yaml new file mode 100644 index 0000000..a69ef96 --- /dev/null +++ b/components/hydra-sql/files/sql_login.yaml @@ -0,0 +1,7 @@ +sql_login: + login_column_name: mail + password_column_name: password + salt_column_name: salt + table_name: user + data_to_fetch: + - mail diff --git a/components/hydra-sql/kustomization.yaml b/components/hydra-sql/kustomization.yaml new file mode 100644 index 0000000..f305b11 --- /dev/null +++ b/components/hydra-sql/kustomization.yaml @@ -0,0 +1,23 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: +- ./resources/hydra-sql-service.yaml +- ./resources/hydra-sql-deployment.yaml + +configMapGenerator: +- name: hydra-sql-env + literals: + - ISSUER_URL="http://localhost:8000" + - BASE_URL='http://localhost:8080' + - HYDRA_ADMIN_BASE_URL='http://hydra:4445/admin' + - APP_LOCALES="fr,en" + - HASH_ALGO_LEGACY="sha256, bcrypt" + - SECURITY_PATTERN="password,salt,pepper" + - DSN_REMOTE_DATABASE="pgsql:host='postgres';port=5432;dbname=lasql" + - DB_USER="makeMeASecret" + - DB_PASSWORD="makeMeASecret" + - PEPPER="MakeMeABigSecret" +- name: sql-login-config + files: + - ./files/sql_login.yaml diff --git a/components/hydra-sql/resources/hydra-sql-deployment.yaml b/components/hydra-sql/resources/hydra-sql-deployment.yaml new file mode 100644 index 0000000..fa270a7 --- /dev/null +++ b/components/hydra-sql/resources/hydra-sql-deployment.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + io.kompose.service: hydra-sql + name: hydra-sql +spec: + replicas: 1 + selector: + matchLabels: + io.kompose.service: hydra-sql + strategy: + type: Recreate + template: + metadata: + labels: + io.kompose.service: hydra-sql + spec: + containers: + - name: hydra-sql-fpm + image: reg.cadoles.com/rmasson/hydra-sql-kube:0.0.3-dev-issue-14-20230615 + # - image: reg.cadoles.com/cadoles/hydra-sql:latest + imagePullPolicy: Always + args: ["/usr/sbin/php-fpm81", "-F", "-e"] + resources: {} + envFrom: + - configMapRef: + name: hydra-sql-env + env: + - name: PHP_FPM_LISTEN + value: 127.0.0.1:9000 + - name: PHP_MEMORY_LIMIT + value: 128m + - name: PHP_FPM_MEMORY_LIMIT + value: 128m + - name: PHP_FPM_LOG_LEVEL + value: warning + volumeMounts: + - name: sql-login-config + mountPath: "/app/config/sql_login_configuration/sql_login.yaml" + subPath: "sql_login.yaml" + - name: hydra-sql-nginx + image: reg.cadoles.com/rmasson/hydra-sql-kube:0.0.3-dev-issue-14-20230615 + imagePullPolicy: Always + args: ["/usr/sbin/nginx"] + envFrom: + - configMapRef: + name: hydra-sql-env + env: + - name: NGINX_APP_UPSTREAM_BACKEND_SERVER + value: 127.0.0.1:9000 + - name: NGINX_APP_ROOT + value: "/public" + - name: NGINX_APP_PHP_INDEX + value: "/index.php" + - name: NGINX_ERROR_LOG_LEVEL + value: "warn" + - name: NGINX_APP_PHP_NON_FILE_PATTERN + value: "^/index\\.php(/|$)" + ports: + - containerPort: 8080 + volumeMounts: + - name: sql-login-config + mountPath: "/app/config/sql_login_configuration/sql_login.yaml" + subPath: "sql_login.yaml" + volumes: + - name: sql-login-config + configMap: + name: sql-login-config + + restartPolicy: Always diff --git a/components/hydra-sql/resources/hydra-sql-service.yaml b/components/hydra-sql/resources/hydra-sql-service.yaml new file mode 100644 index 0000000..2941999 --- /dev/null +++ b/components/hydra-sql/resources/hydra-sql-service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + io.kompose.service: hydra-sql + name: hydra-sql +spec: + ports: + - name: hydra-sql + port: 8080 + selector: + io.kompose.service: hydra-sql +status: + loadBalancer: {} diff --git a/kustomization.yaml b/kustomization.yaml index 38c75b0..60bbd7a 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -9,3 +9,4 @@ components: - ./components/hydra-cnpg-database - ./components/hydra-oidc - ./components/hydra-saml +- ./components/hydra-sql -- 2.17.1 From 24b69b0146dceb1eab2a19471d9bfc347403fa7b Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Thu, 22 Jun 2023 16:50:53 +0200 Subject: [PATCH 13/18] fix(saml): fixing port name longer than 15c --- components/hydra-saml/resources/hydra-saml-shibboleth-sp.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/hydra-saml/resources/hydra-saml-shibboleth-sp.yaml b/components/hydra-saml/resources/hydra-saml-shibboleth-sp.yaml index a99bec7..677a02e 100644 --- a/components/hydra-saml/resources/hydra-saml-shibboleth-sp.yaml +++ b/components/hydra-saml/resources/hydra-saml-shibboleth-sp.yaml @@ -51,4 +51,4 @@ spec: io.kompose.service: hydra-saml-shibboleth-sp status: loadBalancer: {} - + -- 2.17.1 From 61cc316e1c4d9ba51a88c131b50fc22967ccb0bd Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 2 Nov 2023 08:50:58 +0100 Subject: [PATCH 14/18] add hydra-sql deployment --- .../resources/hydra-sql-deployment.yaml | 35 +++++++++++++++++-- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/components/hydra-sql/resources/hydra-sql-deployment.yaml b/components/hydra-sql/resources/hydra-sql-deployment.yaml index fa270a7..ee84ac4 100644 --- a/components/hydra-sql/resources/hydra-sql-deployment.yaml +++ b/components/hydra-sql/resources/hydra-sql-deployment.yaml @@ -18,10 +18,23 @@ spec: spec: containers: - name: hydra-sql-fpm - image: reg.cadoles.com/rmasson/hydra-sql-kube:0.0.3-dev-issue-14-20230615 - # - image: reg.cadoles.com/cadoles/hydra-sql:latest + image: reg.cadoles.com/cadoles/hydra-sql-base:0.0.1 imagePullPolicy: Always args: ["/usr/sbin/php-fpm81", "-F", "-e"] + readinessProbe: + exec: + command: + - sh + - -c + - test -f /etc/php81/php-fpm.d/www.conf + livenessProbe: + exec: + command: + - php + - bin/console + - -V + initialDelaySeconds: 10 + periodSeconds: 30 resources: {} envFrom: - configMapRef: @@ -39,10 +52,25 @@ spec: - name: sql-login-config mountPath: "/app/config/sql_login_configuration/sql_login.yaml" subPath: "sql_login.yaml" + - name: hydra-sql-nginx - image: reg.cadoles.com/rmasson/hydra-sql-kube:0.0.3-dev-issue-14-20230615 + image: reg.cadoles.com/cadoles/hydra-sql-base:0.0.1 imagePullPolicy: Always args: ["/usr/sbin/nginx"] + readinessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 5 + timeoutSeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 15 envFrom: - configMapRef: name: hydra-sql-env @@ -57,6 +85,7 @@ spec: value: "warn" - name: NGINX_APP_PHP_NON_FILE_PATTERN value: "^/index\\.php(/|$)" + resources: {} ports: - containerPort: 8080 volumeMounts: -- 2.17.1 From 87bbdcdd55300553bebe57de8dc8be9eaf6034c0 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 2 Nov 2023 08:51:20 +0100 Subject: [PATCH 15/18] add probes --- .../resources/hydra-oidc-deployment.yaml | 28 +++++++++++++++++++ .../hydra-dispatcher-deployment.yaml | 28 +++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index 75f6a1c..5ab20f4 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -21,6 +21,20 @@ spec: image: reg.cadoles.com/cadoles/hydra-oidc-base:0.0.1 imagePullPolicy: Always args: ["/usr/sbin/php-fpm81", "-F", "-e"] + readinessProbe: + exec: + command: + - sh + - -c + - test -f /etc/php81/php-fpm.d/www.conf + livenessProbe: + exec: + command: + - php + - bin/console + - -V + initialDelaySeconds: 10 + periodSeconds: 30 env: - name: PHP_FPM_LISTEN value: 127.0.0.1:9000 @@ -37,6 +51,20 @@ spec: imagePullPolicy: Always name: hydra-oidc-nginx args: ["/usr/sbin/nginx"] + readinessProbe: + httpGet: + path: /healthy + port: 80 + initialDelaySeconds: 5 + timeoutSeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 80 + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 15 envFrom: - configMapRef: name: hydra-oidc-env diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 1605af3..81f4c0a 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -20,6 +20,20 @@ spec: - name: hydra-dispatcher-php-fpm image: reg.cadoles.com/cadoles/hydra-dispatcher-kube:0.0.1 args: ["/usr/sbin/php-fpm81", "-F", "-e"] + readinessProbe: + exec: + command: + - sh + - -c + - test -f /etc/php81/php-fpm.d/www.conf + livenessProbe: + exec: + command: + - php + - bin/console + - -V + initialDelaySeconds: 10 + periodSeconds: 30 env: - name: PHP_FPM_LISTEN value: 127.0.0.1:9000 @@ -39,6 +53,20 @@ spec: imagePullPolicy: Always name: hydra-dispatcher-nginx args: ["/usr/sbin/nginx"] + readinessProbe: + httpGet: + path: /oauth2/auth + port: 80 + initialDelaySeconds: 5 + timeoutSeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /oauth2/auth + port: 80 + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 15 envFrom: - configMapRef: name: hydra-dispatcher-env -- 2.17.1 From c0865d9bf637e36875473ed14c215184f467243d Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 2 Nov 2023 09:37:00 +0100 Subject: [PATCH 16/18] update hydra-dispatcher probes and image ref --- .../resources/hydra-dispatcher-deployment.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 81f4c0a..6d91741 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-dispatcher-php-fpm - image: reg.cadoles.com/cadoles/hydra-dispatcher-kube:0.0.1 + image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 args: ["/usr/sbin/php-fpm81", "-F", "-e"] readinessProbe: exec: @@ -49,20 +49,20 @@ spec: name: hydra-dispatcher-apps resources: {} - - image: reg.cadoles.com/cadoles/hydra-dispatcher-kube:0.0.1 + - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 imagePullPolicy: Always name: hydra-dispatcher-nginx args: ["/usr/sbin/nginx"] readinessProbe: httpGet: - path: /oauth2/auth + path: /health port: 80 initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 livenessProbe: httpGet: - path: /oauth2/auth + path: /health port: 80 initialDelaySeconds: 15 timeoutSeconds: 5 -- 2.17.1 From 93895720d97c47292ae68a410b4f534231e9ec8d Mon Sep 17 00:00:00 2001 From: William Petit Date: Fri, 17 Nov 2023 16:15:33 +0100 Subject: [PATCH 17/18] feat(hydra-dispatcher): update image tag --- components/hydra-oidc/resources/hydra-oidc-deployment.yaml | 4 ++-- .../resources/hydra-dispatcher-deployment.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index 5ab20f4..dd62f7e 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-oidc-php-fpm - image: reg.cadoles.com/cadoles/hydra-oidc-base:0.0.1 + image: reg.cadoles.com/cadoles/hydra-oidc-base:2023.11.17-develop.1657.761e035 imagePullPolicy: Always args: ["/usr/sbin/php-fpm81", "-F", "-e"] readinessProbe: @@ -47,7 +47,7 @@ spec: name: hydra-oidc-env resources: {} - - image: reg.cadoles.com/cadoles/hydra-oidc-base:0.0.1 + - image: reg.cadoles.com/cadoles/hydra-oidc-base:2023.11.17-develop.1657.761e035 imagePullPolicy: Always name: hydra-oidc-nginx args: ["/usr/sbin/nginx"] diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 6d91741..d7fb91f 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-dispatcher-php-fpm - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 + image: reg.cadoles.com/cadoles/hydra-dispatcher-base:2023.11.17-develop.1408.ad93359 args: ["/usr/sbin/php-fpm81", "-F", "-e"] readinessProbe: exec: @@ -49,7 +49,7 @@ spec: name: hydra-dispatcher-apps resources: {} - - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:0.0.1 + - image: reg.cadoles.com/cadoles/hydra-dispatcher-base:2023.11.17-develop.1408.ad93359 imagePullPolicy: Always name: hydra-dispatcher-nginx args: ["/usr/sbin/nginx"] -- 2.17.1 From 7a5f5cac0defa7808803fecb59b87e78970748c2 Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Wed, 22 Nov 2023 14:20:28 +0100 Subject: [PATCH 18/18] feat(hydra-oidc): update ref fix logout url --- components/hydra-oidc/resources/hydra-oidc-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index dd62f7e..1ee2aab 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: hydra-oidc-php-fpm - image: reg.cadoles.com/cadoles/hydra-oidc-base:2023.11.17-develop.1657.761e035 + image: reg.cadoles.com/cadoles/hydra-oidc-base:2023.11.22-develop.1410.027411d imagePullPolicy: Always args: ["/usr/sbin/php-fpm81", "-F", "-e"] readinessProbe: @@ -47,7 +47,7 @@ spec: name: hydra-oidc-env resources: {} - - image: reg.cadoles.com/cadoles/hydra-oidc-base:2023.11.17-develop.1657.761e035 + - image: reg.cadoles.com/cadoles/hydra-oidc-base:2023.11.22-develop.1410.027411d imagePullPolicy: Always name: hydra-oidc-nginx args: ["/usr/sbin/nginx"] -- 2.17.1