Idp scopes (#56)

Add IDP Scope option

charts/pomerium/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v1
 name: pomerium
-version: 5.0.3
+version: 5.0.4
 appVersion: 0.6.2
 home: http://www.pomerium.io/
 icon: https://www.pomerium.io/logo-long.svg

charts/pomerium/README.md

@@ -111,6 +111,7 @@ A full listing of Pomerium's configuration variables can be found on the [config
 | `authenticate.idp.clientID`           | Identity Provider oauth [client ID](https://www.pomerium.io/docs/reference/reference.html#identity-provider-client-id).                                                                                                                                                                            | Required                                                                              |
 | `authenticate.idp.clientSecret`       | Identity Provider oauth [client secret](https://www.pomerium.io/docs/reference/reference.html#identity-provider-client-secret).                                                                                                                                                                    | Required                                                                              |
 | `authenticate.idp.url`                | Identity [Provider URL](https://www.pomerium.io/docs/reference/reference.html#identity-provider-url).                                                                                                                                                                                              | Optional                                                                              |
+| `authenticate.idp.scopes`             | Identity [Provider Scopes](https://www.pomerium.io/configuration/#identity-provider-scopes).                                                                                                                                                                                                       | Optional                                                                              |
 | `authenticate.idp.serviceAccount`     | Identity Provider [service account](https://www.pomerium.io/docs/reference/reference.html#identity-provider-service-account).                                                                                                                                                                      | Optional                                                                              |
 | `authenticate.replicaCount`           | Number of Authenticate pods to run                                                                                                                                                                                                                                                                 | `1`                                                                                   |
 | `authenticate.existingTLSSecret`      | Name of existing TLS Secret for authenticate service                                                                                                                                                                                                                                               |                                                                                       |

charts/pomerium/templates/authenticate-deployment.yaml

@@ -81,6 +81,8 @@ spec:
               key: shared-secret
         - name: IDP_PROVIDER
           value: {{ .Values.authenticate.idp.provider }}
+        - name: IDP_SCOPES
+          value: {{ .Values.authenticate.idp.scopes }}
         - name: IDP_CLIENT_ID
           valueFrom:
             secretKeyRef:

charts/pomerium/values.yaml

@@ -18,7 +18,7 @@ config:
   forceGenerateTLS: false
   extraOpts: {}
   existingPolicy: ""
-  policy: {}
+  policy: []
 
 authenticate:
   fullnameOverride: ""
@@ -32,6 +32,7 @@ authenticate:
     clientID: "REPLACE_ME"
     clientSecret: "REPLACE_ME"
     url: ""
+    scopes: ""
     serviceAccount: ""
   tls:
     cert: ""