From 95a431f46d56f6da8a4d4944871b4535e1231875 Mon Sep 17 00:00:00 2001 From: Cedric Verstraeten Date: Wed, 30 Oct 2024 22:01:12 +0100 Subject: [PATCH] oauth for api + upgrade to 0.65.0 --- charts/hub/Chart.yaml | 2 +- .../kerberos-hub/hub-frontend-demo.yaml | 38 ------------------- .../templates/kerberos-hub/hub-frontend.yaml | 36 ------------------ 3 files changed, 1 insertion(+), 75 deletions(-) diff --git a/charts/hub/Chart.yaml b/charts/hub/Chart.yaml index 402548a..d835725 100644 --- a/charts/hub/Chart.yaml +++ b/charts/hub/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.64.0 +version: 0.65.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/hub/templates/kerberos-hub/hub-frontend-demo.yaml b/charts/hub/templates/kerberos-hub/hub-frontend-demo.yaml index 5bd6bc2..461be2e 100644 --- a/charts/hub/templates/kerberos-hub/hub-frontend-demo.yaml +++ b/charts/hub/templates/kerberos-hub/hub-frontend-demo.yaml @@ -23,24 +23,16 @@ metadata: name: hub-frontend-demo-ingress annotations: kubernetes.io/ingress.class: {{ .Values.ingress }} - {{- if eq .Values.kerberoshub.oauth2Proxy.enabled true }} - nginx.ingress.kubernetes.io/auth-url: "https://$host/oauth2/auth" - nginx.ingress.kubernetes.io/auth-signin: "https://$host/oauth2/start?rd=$escaped_request_uri" - {{- end }} {{- if eq .Values.ingress "nginx" }} kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/ssl-redirect: "true" cert-manager.io/cluster-issuer: "letsencrypt-prod" {{- end }} spec: - {{- with .Values.kerberoshub.frontend.demoTls }} tls: {{- toYaml . | nindent 8 }} {{- end }} - - - {{ if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} rules: - host: "{{ .Values.kerberoshub.frontend.demoUrl }}" @@ -64,36 +56,6 @@ spec: servicePort: 80 {{ end }} --- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: oauth2-proxy-frontend-demo - namespace: kube-system - annotations: - kubernetes.io/ingress.class: {{ .Values.ingress }} - {{- if eq .Values.ingress "nginx" }} - cert-manager.io/cluster-issuer: letsencrypt-prod - kubernetes.io/tls-acme: "true" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - {{- end }} -spec: - ingressClassName: nginx - rules: - - host: "{{ .Values.kerberoshub.frontend.demoUrl }}" - http: - paths: - - path: /oauth2 - pathType: Prefix - backend: - service: - name: oauth2-proxy - port: - number: 4180 - tls: - - hosts: - - "{{ .Values.kerberoshub.frontend.demoUrl }}" - secretName: ---- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/charts/hub/templates/kerberos-hub/hub-frontend.yaml b/charts/hub/templates/kerberos-hub/hub-frontend.yaml index 02be6a6..b5fb575 100644 --- a/charts/hub/templates/kerberos-hub/hub-frontend.yaml +++ b/charts/hub/templates/kerberos-hub/hub-frontend.yaml @@ -23,10 +23,6 @@ metadata: name: hub-frontend-ingress annotations: kubernetes.io/ingress.class: {{ .Values.ingress }} - {{- if eq .Values.kerberoshub.oauth2Proxy.enabled true }} - nginx.ingress.kubernetes.io/auth-url: "https://$host/oauth2/auth" - nginx.ingress.kubernetes.io/auth-signin: "https://$host/oauth2/start?rd=$escaped_request_uri" - {{- end }} {{- if eq .Values.ingress "nginx" }} kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/ssl-redirect: "true" @@ -103,38 +99,6 @@ spec: servicePort: 80 {{- end }} {{- end }} -{{- if eq .Values.kerberoshub.oauth2Proxy.enabled true }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: oauth2-proxy-frontend - namespace: kube-system - annotations: - kubernetes.io/ingress.class: {{ .Values.ingress }} - {{- if eq .Values.ingress "nginx" }} - cert-manager.io/cluster-issuer: letsencrypt-prod - kubernetes.io/tls-acme: "true" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - {{- end }} -spec: - ingressClassName: nginx - rules: - - host: "{{ .Values.kerberoshub.frontend.url }}" - http: - paths: - - path: /oauth2 - pathType: Prefix - backend: - service: - name: oauth2-proxy - port: - number: 4180 - tls: - - hosts: - - "{{ .Values.kerberoshub.frontend.url }}" - secretName: oauth2-proxy-tls -{{- end }} --- apiVersion: apps/v1 kind: Deployment