migrate to new passmower

2024-07-27 19:44:30 +03:00 · 2024-07-27 19:44:30 +03:00 · 1e8bccbfa3
commit 1e8bccbfa3
parent e89edca340
3 changed files with 24 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -23,7 +23,7 @@ patch /etc/kubernetes/manifests/kube-apiserver.yaml - << EOF
     - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
     - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
     - --etcd-servers=https://127.0.0.1:2379
-+    - --oidc-issuer-url=https://auth2.k-space.ee/
+    - --oidc-issuer-url=https://auth.k-space.ee/
 +    - --oidc-client-id=oidc-gateway.kubelogin
 +    - --oidc-username-claim=sub
 +    - --oidc-groups-claim=groups
--- a/harbor/application-extras.yml
+++ b/harbor/application-extras.yml
@ -0,0 +1,23 @@
+---
+apiVersion: codemowers.cloud/v1beta1
+kind: OIDCClient
+metadata:
+  name: harbor
+  namespace: harbor-operator
+spec:
+  displayName: Harbor
+  uri: https://harbor.k-space.ee
+  redirectUris:
+    - https://harbor.k-space.ee/c/oidc/callback
+  allowedGroups:
+    - k-space:floor
+  grantTypes:
+    - authorization_code
+    - refresh_token
+  responseTypes:
+    - code
+  availableScopes:
+    - openid
+    - profile
+  pkce: false
+  
--- a/passmower/application.yaml
+++ b/passmower/application.yaml
@ -546,8 +546,6 @@ spec:
              value: "k-space"
            - name: ADMIN_GROUP
              value: "k-space:onboarding"
-            - name: REQUIRED_GROUP
-              value: "github.com:foo:bar"
            - name: GITHUB_ORGANIZATION
              value: "codemowers"
            - name: ENROLL_USERS