Allow users to configure authentication provider

[indigo423]

Created schema validation for the configuration of OAuth and OIDC authentication providers.

Resolve: #21

Checklist

• Pull request has a descriptive title and context useful to a reviewer.
• Pull request title follows the [<catalog_entry>] <commit message> naming convention using one of the following catalog_entry values: FEATURE, ENHANCEMENT, BUGFIX, BREAKINGCHANGE, IGNORE.
• All commits have DCO signoffs.

[Labiote]

Hello, great, I was waiting for this and actually thinking about contributing myself ahah. Although, shouldn't you add changes for Values.yaml file that include all that changes ?

Also, there is an ongoing issue regarding authentication and tls :

perses/perses#2302

That will probably imply some changes in the authentication config :

perses/perses#2311

Maybe it is worth checking it and including the changes in this issue ?

[indigo423]

Can you help me understand this a bit better what do you expect to see in the values.yaml file?

Although, shouldn't you add changes for Values.yaml file that include all that changes ?

Sorry, I'm a non-native English speaker and there might be some loss in translation for me :)

Also, there is an ongoing issue regarding authentication and tls :

perses/perses#2302

That will probably imply some changes in the authentication config :

perses/perses#2311

Maybe it is worth checking it and including the changes in this issue?

I'll check it out. Thank you for pointing these out, this is great.

[Labiote]

No worries ! So the values.yaml file has some default configuration in it that can be overridden when using the chart. Maybe it would be nice to increment the file with the new values you added regarding authentication to give some hints on what people can override when they use this chart, something like :

[...]
  security:
    # -- Configure Perses instance as readonly
    readOnly: false
    # -- Enable Authentication
    enableAuth: false
    # -- cookie config
    cookie:
      same_site: lax
      secure: false
      # [ same_site: < enum | possibleValue = 'strict' | 'lax' | 'none' > | default = lax ]
      # Set to true if you host Perses behind HTTPS. Default is false
      # [ secure: <boolean> | default = false ]
    # -- Authentication configuration
    authentication:
      # -- Define your providers
      providers:
        oidc:
          ...
        oauth:
          ...

etc
[...]

I don't know if this is clear ^^'

[indigo423]

Ok got it, as it is right now, users won't know what's supported from a configuration perspective. I think the README file uses the values.yaml file to generate the "chart.valuesSection", which is just a subset of the configuration defined in the values.schema.json and the template.

[indigo423]

@Nexucis @Labiote I would like to get some feedback from you about this topic. The main question is about having default settings for authentication providers in the values.yaml file. The values.yaml is used to render the documentation in the README file. That would definitely help to make it transparent, so people know what can be configured. The downside of this method, people wo don't use authentication provider are forced to override the values which adds a bit of friction, because default values probably don't match any deployment scenario.

Do we have other options to a) provide a documention which shows easily what you can configure and b) having a reasonable default values.yaml which works frictionless?

Please don't hesitate ripping this comment apart :)

[indigo423]

I think this issue in helm-docs is related to the problem I've described: norwoodj/helm-docs#225

[nicolastakashi]

@indigo423 amazing, thanks for handling this.
Can you also bump version on chart.yaml and update Helm Read me by running make update-helm-readme

[indigo423]

@indigo423 amazing, thanks for handling this. Can you also bump version on chart.yaml and update Helm Read me by running make update-helm-readme

Thanks for the hint, done