forked from k-space/kube
migrate to new passmower
This commit is contained in:
parent
e89edca340
commit
1e8bccbfa3
@ -23,7 +23,7 @@ patch /etc/kubernetes/manifests/kube-apiserver.yaml - << EOF
|
||||
- --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
|
||||
- --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
|
||||
- --etcd-servers=https://127.0.0.1:2379
|
||||
+ - --oidc-issuer-url=https://auth2.k-space.ee/
|
||||
+ - --oidc-issuer-url=https://auth.k-space.ee/
|
||||
+ - --oidc-client-id=oidc-gateway.kubelogin
|
||||
+ - --oidc-username-claim=sub
|
||||
+ - --oidc-groups-claim=groups
|
||||
|
23
harbor/application-extras.yml
Normal file
23
harbor/application-extras.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
apiVersion: codemowers.cloud/v1beta1
|
||||
kind: OIDCClient
|
||||
metadata:
|
||||
name: harbor
|
||||
namespace: harbor-operator
|
||||
spec:
|
||||
displayName: Harbor
|
||||
uri: https://harbor.k-space.ee
|
||||
redirectUris:
|
||||
- https://harbor.k-space.ee/c/oidc/callback
|
||||
allowedGroups:
|
||||
- k-space:floor
|
||||
grantTypes:
|
||||
- authorization_code
|
||||
- refresh_token
|
||||
responseTypes:
|
||||
- code
|
||||
availableScopes:
|
||||
- openid
|
||||
- profile
|
||||
pkce: false
|
||||
|
@ -546,8 +546,6 @@ spec:
|
||||
value: "k-space"
|
||||
- name: ADMIN_GROUP
|
||||
value: "k-space:onboarding"
|
||||
- name: REQUIRED_GROUP
|
||||
value: "github.com:foo:bar"
|
||||
- name: GITHUB_ORGANIZATION
|
||||
value: "codemowers"
|
||||
- name: ENROLL_USERS
|
||||
|
Loading…
Reference in New Issue
Block a user