feat: configure gitlab groups from external oidc groups
General MR
Summary
This Merge Request adds the ability to configure GitLab users based on OIDC group membership. The impacted config is the gitlab-sso-provider
secret that is deployed alongside the GitLab HelmRelease
.
The following values can now be included in addons.gitlab.sso
:
groups:
groupsAttribute: ""
requiredGroups: []
externalGroups: []
auditorGroups: []
adminGroups: []
This addition is backwards compatible. If a user does not supply any groups
in their GitLab values, the gitlab-sso-provider
secret will still render a valid JSON object.
NOTE: That this is only a GitLab premium/ultimate feature.
Relevant logs/screenshots
GitLab Docs on configuring external groups - ref
Linked Issue
Upgrade Notices
N/A