diff --git a/chart/templates/authservice/values.yaml b/chart/templates/authservice/values.yaml
index 1a73d1773bc3102d6ed1b2898569d3cbd4a57765..958fc6af130b7c18f68cdc9f5da4b24e1b886707 100644
--- a/chart/templates/authservice/values.yaml
+++ b/chart/templates/authservice/values.yaml
@@ -36,27 +36,49 @@ chains:
jaeger:
match:
header: ":authority"
+ {{- $jaegerValues := .Values.jaeger.values | default dict }}
+ {{- $jaegerIstioValues := $jaegerValues.istio | default dict }}
+ {{- $jaegerHostValues := $jaegerIstioValues.jaeger | default dict}}
+ {{- if hasKey $jaegerHostValues "hosts" }}
+ prefix: {{ range .Values.jaeger.values.istio.jaeger.hosts }}{{ tpl . $}}{{ end }}
+ callback_uri: https://{{ range .Values.jaeger.values.istio.jaeger.hosts }}{{ tpl . $}}{{ end }}/login
+ {{- else }}
prefix: "tracing"
+ callback_uri: https://tracing.{{ .Values.hostname }}/login
+ {{- end }}
client_id: "{{ .Values.jaeger.sso.client_id }}"
client_secret: "{{ .Values.jaeger.sso.client_secret }}"
- callback_uri: https://tracing.{{ .Values.hostname }}/login
{{- end }}
{{- if .Values.monitoring.sso.enabled }}
prometheus:
match:
header: ":authority"
+ {{- $monitoringValues := .Values.monitoring.values | default dict }}
+ {{- $monitoringIstioValues := $monitoringValues.istio | default dict }}
+ {{- $prometheusHostValues := $monitoringIstioValues.prometheus | default dict}}
+ {{- if hasKey $prometheusHostValues "hosts" }}
+ prefix: {{ range .Values.monitoring.values.istio.prometheus.hosts }}{{ tpl . $}}{{ end }}
+ callback_uri: https://{{ range .Values.monitoring.values.istio.prometheus.hosts }}{{ tpl . $}}{{ end }}/login/generic_oauth
+ {{- else }}
prefix: "prometheus"
+ callback_uri: https://prometheus.{{ .Values.hostname }}/login/generic_oauth
+ {{- end }}
client_id: {{ .Values.monitoring.sso.prometheus.client_id }}
client_secret: "{{ .Values.monitoring.sso.prometheus.client_secret }}"
- callback_uri: https://prometheus.{{ .Values.hostname }}/login/generic_oauth
alertmanager:
match:
header: ":authority"
+ {{- $alertmanagerHostValues := $monitoringIstioValues.alertmanager | default dict}}
+ {{- if hasKey $alertmanagerHostValues "hosts" }}
+ prefix: {{ range .Values.monitoring.values.istio.alertmanager.hosts }}{{ tpl . $}}{{ end }}
+ callback_uri: https://{{ range .Values.monitoring.values.istio.alertmanager.hosts }}{{ tpl . $}}{{ end }}/login/generic_oauth
+ {{- else }}
prefix: "alertmanager"
+ callback_uri: https://alertmanager.{{ .Values.hostname }}/login/generic_oauth
+ {{- end }}
client_id: {{ .Values.monitoring.sso.alertmanager.client_id }}
client_secret: "{{ .Values.monitoring.sso.alertmanager.client_secret }}"
- callback_uri: https://alertmanager.{{ .Values.hostname }}/login/generic_oauth
{{- end }}
{{- end -}}
diff --git a/chart/templates/haproxy/values.yaml b/chart/templates/haproxy/values.yaml
index 7bc611087d823d4681b6bf3592306b05fc0bd88d..8a30d2d04fe4b54088c5df6df10a51c5bbbda4b0 100644
--- a/chart/templates/haproxy/values.yaml
+++ b/chart/templates/haproxy/values.yaml
@@ -65,8 +65,20 @@ config: |
unique-id-format %{+X}o\ 1-%[date,hex,bytes(8,8),lower]-%[capture.req.hdr(3)]
http-request set-header X-Amzn-Trace-Id Root=%[unique-id,lower]
bind :8080
+ {{- $monitoringValues := .Values.monitoring.values | default dict }}
+ {{- $monitoringIstioValues := $monitoringValues.istio | default dict }}
+ {{- $prometheusHostValues := $monitoringIstioValues.prometheus | default dict}}
+ {{- $alertmanagerHostValues := $monitoringIstioValues.alertmanager | default dict}}
+ {{- if hasKey $alertmanagerHostValues "hosts" }}
+ acl host_alertmanager hdr(host) -i {{ range .Values.monitoring.values.istio.alertmanager.hosts }}{{ tpl . $}}{{ end }}
+ {{- else }}
acl host_alertmanager hdr(host) -i alertmanager.{{ .Values.hostname }}
+ {{- end }}
+ {{- if hasKey $prometheusHostValues "hosts" }}
+ acl host_prometheus hdr(host) -i {{ range .Values.monitoring.values.istio.prometheus.hosts }}{{ tpl . $}}{{ end }}
+ {{- else }}
acl host_prometheus hdr(host) -i prometheus.{{ .Values.hostname }}
+ {{- end }}
option forwardfor
use_backend alertmanager_main if host_alertmanager
diff --git a/chart/values.yaml b/chart/values.yaml
index a7f08526e5d7cee05b2b3750c3af59e831b455bf..5480d8e6d3843177d3889b73f5abb849a933e063 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -56,7 +56,7 @@ sso:
realm: baby-yoda
# -- Keycloak's certificate authority (unencoded) used by authservice to support SSO for various packages
- certificate_authority: ""
+ certificate_authority: ''
# -- Keycloak realm's json web key uri, obtained through https://<keycloak-server>/auth/realms/<realm>/.well-known/openid-configuration
jwks: ""