Code owners
Assign users and groups as approvers for specific file changes. Learn more.
values.yaml 1.95 KiB
{{- if and .Values.istio.enabled ( or .Values.addons.authservice.enabled .Values.monitoring.sso.enabled .Values.jaeger.sso.enabled ) }}
{{- include "values-secret" (dict "root" $ "package" .Values.addons.authservice "name" "authservice" "defaults" (include "bigbang.defaults.authservice" .)) }}
{{- end }}
{{- define "bigbang.defaults.authservice" -}}
imagePullSecrets:
- name: private-registry
global:
oidc:
host: {{ .Values.sso.oidc.host }}
realm: {{ .Values.sso.oidc.realm }}
{{- if .Values.sso.jwks }}
jwks: "{{ .Values.sso.jwks }}"
{{- end }}
{{- if .Values.sso.client_id}}
client_id: {{ .Values.sso.client_id }}
{{- end }}
{{- if .Values.sso.client_secret }}
client_secret: {{ .Values.sso.client_secret }}
{{- end }}
{{- if .Values.sso.certificate_authority }}
certificate_authority: {{ .Values.sso.certificate_authority }}
{{- end }}
chains:
{{- if .Values.addons.authservice.chains }}
{{ .Values.addons.authservice.chains | toYaml | nindent 2 }}
{{- end }}
{{- if .Values.jaeger.sso.enabled }}
jaeger:
match:
header: ":authority"
prefix: "tracing"
client_id: "{{ .Values.jaeger.sso.client_id }}"
client_secret: "{{ .Values.jaeger.sso.client_secret }}"
callback_uri: https://tracing.{{ .Values.hostname }}/login
{{- end }}
{{- if .Values.monitoring.sso.enabled }}
prometheus:
match:
header: ":authority"
prefix: "prometheus"
client_id: {{ .Values.monitoring.sso.prometheus.client_id }}
client_secret: "{{ .Values.monitoring.sso.prometheus.client_secret }}"
callback_uri: https://prometheus.{{ .Values.hostname }}/login/generic_oauth
alertmanager:
match:
header: ":authority"
prefix: "alertmanager"
client_id: {{ .Values.monitoring.sso.alertmanager.client_id }}
client_secret: "{{ .Values.monitoring.sso.alertmanager.client_secret }}"
callback_uri: https://alertmanager.{{ .Values.hostname }}/login/generic_oauth
{{- end }}
{{- end -}}