Package Merge Request

Package Changes

When upgrading, the following changes may affect SSO:

Values related to the Identity Provider paths, certificates, and OIDC claims were deprecated and replaced with a set of global values. Deprecated values will still work, but you will see a deprecation notice in the Helm upgrade notes. See the values.yaml for details on new values.
(ArgoCD, GitLab, Grafana, Sonarqube): Login button label (name) is global and defaults to SSO.
(Authservice): When jwksUri and jwks are both defined, jwksUri takes precedence (previously, jwks took precedence).
(Authservice, Logging): Defaults expanded for URL endpoints and claim names to support global values and non-keycloak identity providers.

default OIDC name changed from blank to SSO. This changes the login button label.

Preferences jwksUri over jwks if both are defined. Previously jwks was preferred. This allows jwks to be dynamically updated if both are defined.
issuer_uri, authorization_uri, token_uri, logout_redirect_uri will be populated globally and per chain when the new values are used. This eliminates the need to populate oidc.host and oidc.realm and provides support for non-keycloak identity providers.

default label changed from blank to SSO. This changes the login button label.
client_options: identifier and secret no longer default to global sso values. Those values are reserved for authservice use and should not have been used as defaults.

default name changed from blank (which resulted in an "OAuth" label) to SSO. This changes the login button label.

issuer, auth_url, token_url, userinfo_url, endsession_url and jwkset_url will be populated when new values are used. This eliminates the need to populate oidc.host and oidc.realm and provides support for non-keycloak identity providers.
Default claim names for principal, groups, and mail are populated with typical values from Keycloak and can be overridden in global variables.

No package changes

Edited Dec 19, 2022 by Michael McLeroy