Skip to content

Commit

Permalink
Add ability for edit user_name_claim and regex (#388)
Browse files Browse the repository at this point in the history 
Fix issue where identity token does not contain an email addres. This
can be the case for some azure only tenants where no email is configured
on the domain.

Co-authored-by: Glenn Schuurman <[email protected]>
Co-authored-by: RyanHolstien <[email protected]>
  • Loading branch information
@gschuurman @RyanHolstien
3 people authored Nov 27, 2023
1 parent 7f92a58 commit b3f33cf
Show file tree
Hide file tree
Showing 5 changed files with 12 additions and 4 deletions.
2 changes: 1 addition & 1 deletion charts/datahub/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: A Helm chart for LinkedIn DataHub
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 0.3.11
version: 0.3.12
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 0.11.0
Expand Down
2 changes: 1 addition & 1 deletion charts/datahub/subcharts/datahub-frontend/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ description: A Helm chart for Kubernetes
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 0.2.146
version: 0.2.147
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: v0.11.0
3 changes: 3 additions & 0 deletions charts/datahub/subcharts/datahub-frontend/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
datahub-frontend
================

A Helm chart for datahub-frontend

Current chart version is `0.2.0`
Expand Down Expand Up @@ -46,6 +47,8 @@ Current chart version is `0.2.0`
| oidcAuthentication.clientSecretRef.secretKey | string | `"nil"` | Optional, this is the key of the shared secret to use for exchange between you and your identity provider |
| oidcAuthentication.oktaDomain | string | `""` | Okta domain, e.g. `dev-12345.okta.com`; needed only if `provider` is set to `okta` |
| oidcAuthentication.azureTenantId | string | `""` | Azure directory (tenant) ID; neede only if `provider` is set to `azure` |
| oidcAuthentication.user_name_claim | string | `""` | The attribute that will contain the username used on the DataHub platform |
| oidcAuthentication.user_name_claim_regex | string | `""` | A regex string used for extracting the username from the userNameClaim attribute |
| podAnnotations | object | `{}` | |
| podSecurityContext | object | `{}` | |
| readinessProbe.initialDelaySeconds | int | `60` | |
Expand Down
4 changes: 2 additions & 2 deletions charts/datahub/subcharts/datahub-frontend/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,9 +216,9 @@ spec:
- name: AUTH_OIDC_SCOPE
value: {{ .scope | default "openid profile email" }}
- name: AUTH_OIDC_USER_NAME_CLAIM
value: email
value: {{ .user_name_claim | default "email" }}
- name: AUTH_OIDC_USER_NAME_CLAIM_REGEX
value: ([^@]+)
value: {{ .user_name_claim_regex | default "([^@]+)" }}
{{- else if eq .provider "okta" }}
- name: AUTH_OIDC_DISCOVERY_URI
value: https://{{ .oktaDomain }}/.well-known/openid-configuration
Expand Down
5 changes: 5 additions & 0 deletions charts/datahub/subcharts/datahub-frontend/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,11 @@ oidcAuthentication:
# if needed, it should set meaningful defaults from provider
# scope: "openid profile email"

# The attribute that will contain the username used on the DataHub platform.
# user_name_claim: "email"
# A regex string used for extracting the username from the userNameClaim attribute.
# user_name_claim_regex: "([^@]+)"

# Extra labels for Deployment
extraLabels: {}
# owner: myteam
Expand Down

0 comments on commit b3f33cf

Please sign in to comment.