Skip to content

Commit

Permalink
refactor: move identity remaining env vars to config (#2400)
Browse files Browse the repository at this point in the history 
Signed-off-by: Ahmed AbouZaid <[email protected]>
  • Loading branch information
@aabouzaid
aabouzaid authored Oct 25, 2024
1 parent 36daf1e commit e6d2cb6
Show file tree
Hide file tree
Showing 14 changed files with 162 additions and 156 deletions.
2 changes: 1 addition & 1 deletion charts/camunda-platform-8.5/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -492,7 +492,7 @@ Please see the corresponding [release guide](../../docs/release.md) to find out
| `global.identity.auth.connectors.existingSecret` | can be used to use an own existing secret. If not set a random secret is generated. | `nil` |
| `global.identity.auth.connectors.existingSecretKey` | defines the key within the existing secret object. | `connectors-secret` |
| `global.identity.auth.identity` | configuration to configure Identity authentication specifics on global level, which can be accessed by other sub-charts | |
| `global.identity.auth.identity.clientId` | defines the client id, which is used by Identity in authentication flows. | `identity` |
| `global.identity.auth.identity.clientId` | defines the client id, which is used by Identity in authentication flows. | `camunda-identity` |
| `global.identity.auth.identity.audience` | defines the audience, which is used by Identity. | `camunda-identity-resource-server` |
| `global.identity.auth.identity.existingSecret` | can be used to reference an existing secret. This should ONLY be used for an external OIDC provider. If not set, a random secret is generated. | `nil` |
| `global.identity.auth.identity.existingSecretKey` | defines the key within the existing secret object. | `identity-secret` |
Expand Down
4 changes: 0 additions & 4 deletions charts/camunda-platform-8.5/templates/identity/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -205,11 +205,7 @@ data:
environment:
clients:
- name: Identity
{{- if (tpl ( include "identity.authClientSecret" . ) .)}}
id: {{ printf "%s" (include "identity.authClientId" .) | default "camunda-identity" | quote }}
{{- else }}
id: "camunda-identity"
{{- end }}
type: CONFIDENTIAL
secret: ${IDENTITY_CLIENT_SECRET:}
root-url: {{ include "identity.externalUrl" . | quote }}
Expand Down
2 changes: 1 addition & 1 deletion charts/camunda-platform-8.5/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -252,7 +252,7 @@ global:
## @extra global.identity.auth.identity configuration to configure Identity authentication specifics on global level, which can be accessed by other sub-charts
identity:
## @param global.identity.auth.identity.clientId defines the client id, which is used by Identity in authentication flows.
clientId: identity
clientId: camunda-identity
## @param global.identity.auth.identity.audience defines the audience, which is used by Identity.
audience: camunda-identity-resource-server
## @param global.identity.auth.identity.existingSecret can be used to reference an existing secret. This should ONLY be used for an external OIDC provider. If not set, a random secret is generated.
Expand Down
2 changes: 1 addition & 1 deletion charts/camunda-platform-8.6/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -507,7 +507,7 @@ Please see the corresponding [release guide](../../docs/release.md) to find out
| `global.identity.auth.connectors.existingSecret` | can be used to use an own existing secret. If not set a random secret is generated. | `nil` |
| `global.identity.auth.connectors.existingSecretKey` | defines the key within the existing secret object. | `connectors-secret` |
| `global.identity.auth.identity` | configuration to configure Identity authentication specifics on global level, which can be accessed by other sub-charts | |
| `global.identity.auth.identity.clientId` | defines the client id, which is used by Identity in authentication flows. | `identity` |
| `global.identity.auth.identity.clientId` | defines the client id, which is used by Identity in authentication flows. | `camunda-identity` |
| `global.identity.auth.identity.audience` | defines the audience, which is used by Identity. | `camunda-identity-resource-server` |
| `global.identity.auth.identity.existingSecret` | can be used to reference an existing secret. This should ONLY be used for an external OIDC provider. If not set, a random secret is generated. | `nil` |
| `global.identity.auth.identity.existingSecretKey` | defines the key within the existing secret object. | `identity-secret` |
Expand Down
6 changes: 1 addition & 5 deletions charts/camunda-platform-8.6/templates/identity/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,13 +216,9 @@ data:
environment:
clients:
- name: Identity
{{- if (tpl ( include "identity.authClientSecret" . ) .)}}
id: {{ printf "%s" (include "identity.authClientId" .) | default "camunda-identity" | quote }}
{{- else }}
id: "camunda-identity"
{{- end }}
type: CONFIDENTIAL
secret: ${IDENTITY_CLIENT_SECRET:}
secret: ${CAMUNDA_IDENTITY_CLIENT_SECRET:}
root-url: {{ include "identity.externalUrl" . | quote }}
redirect-uris:
- "/auth/login-callback"
Expand Down
2 changes: 1 addition & 1 deletion charts/camunda-platform-8.6/test/unit/identity/golden/configmap.golden.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ data:
- name: Identity
id: "camunda-identity"
type: CONFIDENTIAL
secret: ${IDENTITY_CLIENT_SECRET:}
secret: ${CAMUNDA_IDENTITY_CLIENT_SECRET:}
root-url: "http://localhost:8080"
redirect-uris:
- "/auth/login-callback"
Expand Down
2 changes: 1 addition & 1 deletion charts/camunda-platform-8.6/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,7 +260,7 @@ global:
## @extra global.identity.auth.identity configuration to configure Identity authentication specifics on global level, which can be accessed by other sub-charts
identity:
## @param global.identity.auth.identity.clientId defines the client id, which is used by Identity in authentication flows.
clientId: identity
clientId: camunda-identity
## @param global.identity.auth.identity.audience defines the audience, which is used by Identity.
audience: camunda-identity-resource-server
## @param global.identity.auth.identity.existingSecret can be used to reference an existing secret. This should ONLY be used for an external OIDC provider. If not set, a random secret is generated.
Expand Down
2 changes: 1 addition & 1 deletion charts/camunda-platform-alpha/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,7 +483,7 @@ Please see the corresponding [release guide](../../docs/release.md) to find out
| `global.identity.auth.connectors.existingSecret` | can be used to use an own existing secret. If not set a random secret is generated. | `nil` |
| `global.identity.auth.connectors.existingSecretKey` | defines the key within the existing secret object. | `connectors-secret` |
| `global.identity.auth.identity` | configuration to configure Identity authentication specifics on global level, which can be accessed by other sub-charts | |
| `global.identity.auth.identity.clientId` | defines the client id, which is used by Identity in authentication flows. | `identity` |
| `global.identity.auth.identity.clientId` | defines the client id, which is used by Identity in authentication flows. | `camunda-identity` |
| `global.identity.auth.identity.audience` | defines the audience, which is used by Identity. | `camunda-identity-resource-server` |
| `global.identity.auth.identity.existingSecret` | can be used to reference an existing secret. This should ONLY be used for an external OIDC provider. If not set, a random secret is generated. | `nil` |
| `global.identity.auth.identity.existingSecretKey` | defines the key within the existing secret object. | `identity-secret` |
Expand Down
Loading

0 comments on commit e6d2cb6

Please sign in to comment.