kube/_disabled/whoami-oidc/application.yaml

---
apiVersion: codemowers.cloud/v1beta1
kind: OIDCClient
metadata:
  name: whoami-oidc
  namespace: whoami-oidc
spec:
  displayName: Whoami OIDC
  uri: https://whoami-oidc.k-space.ee
  redirectUris:
    - https://whoami-oidc.k-space.ee/auth/callback
  grantTypes:
    - authorization_code
    - refresh_token
  responseTypes:
    - code
  availableScopes:
    - openid
    - profile
  pkce: false
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: whoami-oidc
  labels:
    app.kubernetes.io/name: whoami-oidc
spec:
  replicas: 1
  revisionHistoryLimit: 0
  selector:
    matchLabels:
      app.kubernetes.io/name: whoami-oidc
  template:
    metadata:
      labels:
        app.kubernetes.io/name: whoami-oidc
    spec:
      containers:
        - name: whoami-oidc
          image: harbor.k-space.ee/rasmus/oidctest:latest@sha256:55927b9a50580fb087277af25fbc492b5ab4abcc1926c29ed40c190a99ced77b
          env:
            - name: OIDC_ROOT_URL
              value: https://whoami-oidc.k-space.ee
            - name: OIDC_PROVIDER
              valueFrom:
                secretKeyRef:
                  name: oidc-client-whoami-oidc-owner-secrets
                  key: OIDC_GATEWAY_URI
            - name: OIDC_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: oidc-client-whoami-oidc-owner-secrets
                  key: OIDC_CLIENT_ID
            - name: OIDC_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: oidc-client-whoami-oidc-owner-secrets
                  key: OIDC_CLIENT_SECRET
          ports:
            - containerPort: 9009
              name: http
          resources:
            limits:
              cpu: "1"
              memory: "512Mi"
---
apiVersion: v1
kind: Service
metadata:
  name: whoami-oidc
spec:
  selector:
    app.kubernetes.io/name: whoami-oidc
  ports:
  - port: 80
    name: http
    targetPort: http
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: whoami-oidc
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
    external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec:
  rules:
    - host: whoami-oidc.k-space.ee
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: whoami-oidc
                port:
                  name: http
  tls:
    - hosts:
        - "*.k-space.ee"