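---
# OIDC client registration for the whoami-oidc test application.
# NOTE(review): presumably the OIDC gateway operator reconciles this resource
# and generates the Secret "oidc-client-whoami-oidc-owner-secrets" consumed by
# the Deployment below. Confirm against the operator's documentation.
apiVersion: codemowers.io/v1alpha1
kind: OIDCGWClient
metadata:
  name: whoami-oidc
spec:
  displayName: Whoami (oidc-tester-app)
  uri: https://whoami-oidc.k-space.ee
  # A single fully qualified HTTPS callback; no wildcard redirect targets.
  redirectUris:
    - https://whoami-oidc.k-space.ee/oauth2/callback
  grantTypes:
    - authorization_code
    - refresh_token
  responseTypes:
    - code
  availableScopes:
    - openid
    - profile
  # Confidential client: the client secret is sent in the token request body.
  tokenEndpointAuthMethod: client_secret_post
  # NOTE(review): PKCE is off. The client secret already binds the code
  # exchange to this client, but PKCE additionally protects against
  # authorization-code injection. Enable it once the tester app is confirmed
  # to send code_challenge / code_verifier.
  pkce: false
---
# Runs the OIDC tester application as a single replica.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: whoami-oidc
  labels:
    app.kubernetes.io/name: whoami-oidc
spec:
  replicas: 1
  # No old ReplicaSets are retained, so `kubectl rollout undo` has nothing to
  # roll back to; recovery means re-applying a known-good manifest.
  revisionHistoryLimit: 0
  selector:
    matchLabels:
      app.kubernetes.io/name: whoami-oidc
  template:
    metadata:
      labels:
        app.kubernetes.io/name: whoami-oidc
    spec:
      containers:
        - name: whoami-oidc
          # Pinned by digest, so the running image cannot change under a
          # mutable tag; updates require an explicit manifest change.
          image: harbor.k-space.ee/jtagcat/oidc-tester-app@sha256:9e811f2a0ab2ca1a29fd05daca3aab61ad4960e9327527d0725d53aaa60ba184
          # Hardening: the container serves HTTP on an unprivileged port
          # (8080) and needs neither extra capabilities nor privilege
          # escalation.
          # NOTE(review): runAsNonRoot and readOnlyRootFilesystem are not set
          # because the image's user and write paths are not visible here.
          # Add them after checking the image.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          env:
            - name: TESTER_PUBLIC_URL
              value: https://whoami-oidc.k-space.ee/
            # Issuer, client id and client secret come from a Secret rather
            # than being inlined in the manifest.
            - name: TESTER_ISSUER
              valueFrom:
                secretKeyRef:
                  name: oidc-client-whoami-oidc-owner-secrets
                  key: OIDC_GATEWAY_URI
            - name: TESTER_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: oidc-client-whoami-oidc-owner-secrets
                  key: OIDC_CLIENT_ID
            - name: TESTER_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: oidc-client-whoami-oidc-owner-secrets
                  key: OIDC_CLIENT_SECRET
          ports:
            - containerPort: 8080
              name: http
---
# ClusterIP Service: port 80 forwards to the container's named "http" port.
apiVersion: v1
kind: Service
metadata:
  name: whoami-oidc
spec:
  selector:
    app.kubernetes.io/name: whoami-oidc
  ports:
    - port: 80
      name: http
      targetPort: http
---
# Publishes the app through Traefik on the TLS ("websecure") entrypoint only.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: whoami-oidc
  annotations:
    # NOTE(review): this annotation is deprecated in favour of
    # spec.ingressClassName. Switching requires an IngressClass named
    # "traefik" to exist in the cluster, so it is left unchanged here.
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    # Annotation values must be strings, so the quotes are required.
    traefik.ingress.kubernetes.io/router.tls: "true"
    external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec:
  rules:
    - host: whoami-oidc.k-space.ee
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: whoami-oidc
                port:
                  name: http
  tls:
    # No secretName is given; presumably the ingress controller serves its
    # default wildcard certificate for this host. Verify in the Traefik
    # configuration.
    - hosts:
        - "*.k-space.ee"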