--- apiVersion: codemowers.io/v1alpha1 kind: OIDCGWClient metadata: name: whoami-oidc spec: displayName: Whoami (oidc-tester-app) uri: https://whoami-oidc.k-space.ee redirectUris: - https://whoami-oidc.k-space.ee/auth/callback grantTypes: - authorization_code - refresh_token responseTypes: - code availableScopes: - openid - profile tokenEndpointAuthMethod: client_secret_post pkce: false --- apiVersion: apps/v1 kind: Deployment metadata: name: whoami-oidc labels: app.kubernetes.io/name: whoami-oidc spec: replicas: 1 revisionHistoryLimit: 0 selector: matchLabels: app.kubernetes.io/name: whoami-oidc template: metadata: labels: app.kubernetes.io/name: whoami-oidc spec: containers: - name: whoami-oidc image: harbor.k-space.ee/rasmus/oidctest:latest@sha256:55927b9a50580fb087277af25fbc492b5ab4abcc1926c29ed40c190a99ced77b env: - name: OIDC_ROOT_URL value: https://whoami-oidc.k-space.ee - name: OIDC_PROVIDER valueFrom: secretKeyRef: name: oidc-client-whoami-oidc-owner-secrets key: OIDC_GATEWAY_URI - name: OIDC_CLIENT_ID valueFrom: secretKeyRef: name: oidc-client-whoami-oidc-owner-secrets key: OIDC_CLIENT_ID - name: OIDC_CLIENT_SECRET valueFrom: secretKeyRef: name: oidc-client-whoami-oidc-owner-secrets key: OIDC_CLIENT_SECRET ports: - containerPort: 9009 name: http resources: limits: cpu: "1" memory: "512Mi" --- apiVersion: v1 kind: Service metadata: name: whoami-oidc spec: selector: app.kubernetes.io/name: whoami-oidc ports: - port: 80 name: http targetPort: http --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: whoami-oidc annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" external-dns.alpha.kubernetes.io/target: traefik.k-space.ee spec: rules: - host: whoami-oidc.k-space.ee http: paths: - pathType: Prefix path: "/" backend: service: name: whoami-oidc port: name: http tls: - hosts: - "*.k-space.ee"