oidc-test-client/deployment.yaml


---
# Registers the test application as an OIDC client with the gateway
# (custom resource from the codemowers.io API group).
apiVersion: codemowers.io/v1alpha1
kind: OIDCGWClient
metadata:
  name: authorization-code-sample-client
spec:
  uri: "https://client-gab7y.codemowers.ee/"
  # Callback URLs the client may be redirected to after login. Keep this
  # list to the exact callback(s) the application serves.
  redirectUris:
    - "https://client-gab7y.codemowers.ee/cb"
  # With allowedGroups unset, everyone is allowed to use this client.
  # Uncomment and list groups to restrict access:
  # allowedGroups:
  #   - 'codemowers:users'
  grantTypes:
    - "authorization_code"
    # might be supported by some implementations
    - "refresh_token"
  responseTypes:
    - "code"
    # might be needed in some implementations:
    # - 'code id_token'
  # offline_access together with the refresh_token grant is what allows
  # refresh tokens to be requested; drop both if long-lived sessions are
  # not needed.
  availableScopes:
    - "openid"
    - "profile"
    - "offline_access"
  # The client authenticates at the token endpoint with its secret in an
  # HTTP Basic header, so the secret must stay server-side.
  tokenEndpointAuthMethod: "client_secret_basic"
  # NOTE(review): whether `true` means PKCE is enforced or merely accepted
  # is defined by the CRD - confirm against the gateway's documentation.
  pkce: true
---
# Publishes the test client on client-gab7y.codemowers.ee and routes all
# paths to the oidc-test-client Service on port 3000.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: oidc-test-client
  annotations:
    kubernetes.io/ingress.class: 'shared'
    # Entry point name only; presumably the HTTPS listener - confirm in the
    # Traefik static configuration.
    traefik.ingress.kubernetes.io/router.entrypoints: 'websecure'
    # Annotation values are strings, so this must stay quoted.
    traefik.ingress.kubernetes.io/router.tls: 'true'
    external-dns.alpha.kubernetes.io/target: 'traefik.codemowers.ee'
spec:
  rules:
    - host: 'client-gab7y.codemowers.ee'
      http:
        paths:
          - path: '/'
            pathType: Prefix
            backend:
              service:
                name: oidc-test-client
                port:
                  number: 3000
  # No secretName is given, so the certificate is whatever the ingress
  # controller serves for this wildcard host - presumably a shared
  # wildcard certificate; verify it covers client-gab7y.codemowers.ee.
  tls:
    - hosts:
        - '*.codemowers.ee'
---
# Cluster-internal Service in front of the test client pods. ClusterIP
# keeps it unreachable from outside the cluster except through the Ingress.
apiVersion: v1
kind: Service
metadata:
  name: oidc-test-client
spec:
  type: ClusterIP
  # Must match the pod labels set in the Deployment template.
  selector:
    app: oidc-test-client
  ports:
    # targetPort is omitted and therefore defaults to the same value as
    # port, which matches the container's containerPort 3000.
    - port: 3000
      protocol: TCP
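---
# Runs a single replica of the OIDC test client, listening on port 3000.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: oidc-test-client
  labels:
    app: oidc-test-client
spec:
  selector:
    matchLabels:
      app: oidc-test-client
  replicas: 1
  template:
    metadata:
      labels:
        app: oidc-test-client
    spec:
      containers:
        - name: oidc-test-client
          # NOTE(review): no registry, tag or digest is given; presumably
          # the build/deploy tooling rewrites this reference. If it is
          # applied as-is it resolves to the mutable :latest tag - pin a
          # tag or digest for anything longer-lived than a test.
          image: oidc-test-client
          ports:
            - containerPort: 3000
          env:
            - name: CLIENT_URL
              value: 'https://client-gab7y.codemowers.ee'
          # Injects every key of the Secret as an environment variable.
          # The name suggests it is generated for the
          # authorization-code-sample-client OIDCGWClient - confirm which
          # keys it holds; all of them become readable by the process.
          envFrom:
            - secretRef:
                name: oidc-client-authorization-code-sample-client-owner-secrets
          # Baseline hardening for an internet-facing container that only
          # needs to listen on an unprivileged port (3000).
          # NOTE(review): runAsNonRoot and readOnlyRootFilesystem are not
          # set because the image's user and write paths are not visible
          # here; enable them once verified.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault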