whoami-oidc

2024-02-12 07:46:12 +02:00
parent a055c739c1
commit d29a1a3531
2 changed files with 115 additions and 0 deletions
--- a/whoami-oidc/application.yaml
+++ b/whoami-oidc/application.yaml
@@ -0,0 +1,99 @@
+---
+apiVersion: codemowers.io/v1alpha1
+kind: OIDCGWClient
+metadata:
+  name: whoami-oidc
+spec:
+  displayName: Whoami (oidc-tester-app)
+  uri: https://whoami-oidc.k-space.ee
+  redirectUris:
+    - https://whoami-oidc.k-space.ee/oauth2/callback
+  grantTypes:
+    - authorization_code
+    - refresh_token
+  responseTypes:
+    - code
+  availableScopes:
+    - openid
+    - profile
+  tokenEndpointAuthMethod: client_secret_post
+  pkce: false
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: whoami-oidc
+  labels:
+    app.kubernetes.io/name: whoami-oidc
+spec:
+  replicas: 1
+  revisionHistoryLimit: 0
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: whoami-oidc
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: whoami-oidc
+    spec:
+      containers:
+        - name: whoami-oidc
+          image: harbor.k-space.ee/jtagcat/oidc-tester-app@sha256:9e811f2a0ab2ca1a29fd05daca3aab61ad4960e9327527d0725d53aaa60ba184
+          env:
+            - name: TESTER_PUBLIC_URL
+              value: https://whoami-oidc.k-space.ee/
+            - name: TESTER_ISSUER
+              valueFrom:
+                secretKeyRef:
+                  name: oidc-client-whoami-oidc-owner-secrets
+                  key: OIDC_GATEWAY_URI
+            - name: TESTER_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: oidc-client-whoami-oidc-owner-secrets
+                  key: OIDC_CLIENT_ID
+            - name: TESTER_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: oidc-client-whoami-oidc-owner-secrets
+                  key: OIDC_CLIENT_SECRET
+          ports:
+            - containerPort: 8080
+              name: http
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: whoami-oidc
+spec:
+  selector:
+    app.kubernetes.io/name: whoami-oidc
+  ports:
+  - port: 80
+    name: http
+    targetPort: http
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: whoami-oidc
+  annotations:
+    kubernetes.io/ingress.class: traefik
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
+spec:
+  rules:
+    - host: whoami-oidc.k-space.ee
+      http:
+        paths:
+          - pathType: Prefix
+            path: "/"
+            backend:
+              service:
+                name: whoami-oidc
+                port:
+                  name: http
+  tls:
+    - hosts:
+        - "*.k-space.ee"