From 9973a3d2dd1431db788bbcc75f8e9bff26c631a4 Mon Sep 17 00:00:00 2001
From: psychomelet <39754068+psychomelet@users.noreply.github.com>
Date: Fri, 14 Feb 2020 12:31:13 +0800
Subject: [PATCH] Idp scopes (#56) Add IDP Scope option
---
 charts/pomerium/Chart.yaml | 2 +-
 charts/pomerium/README.md | 1 +
 charts/pomerium/templates/authenticate-deployment.yaml | 2 ++
 charts/pomerium/values.yaml | 3 ++-
 4 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/charts/pomerium/Chart.yaml b/charts/pomerium/Chart.yaml
index 7a9123fa..34c372de 100644
--- a/charts/pomerium/Chart.yaml
+++ b/charts/pomerium/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: pomerium
-version: 5.0.3
+version: 5.0.4
 appVersion: 0.6.2
 home: http://www.pomerium.io/
 icon: https://www.pomerium.io/logo-long.svg
diff --git a/charts/pomerium/README.md b/charts/pomerium/README.md
index 052afd6b..0517136c 100644
--- a/charts/pomerium/README.md
+++ b/charts/pomerium/README.md
@@ -111,6 +111,7 @@ A full listing of Pomerium's configuration variables can be found on the [config
 | `authenticate.idp.clientID` | Identity Provider oauth [client ID](https://www.pomerium.io/docs/reference/reference.html#identity-provider-client-id). | Required |
 | `authenticate.idp.clientSecret` | Identity Provider oauth [client secret](https://www.pomerium.io/docs/reference/reference.html#identity-provider-client-secret). | Required |
 | `authenticate.idp.url` | Identity [Provider URL](https://www.pomerium.io/docs/reference/reference.html#identity-provider-url). | Optional |
+| `authenticate.idp.scopes` | Identity [Provider Scopes](https://www.pomerium.io/configuration/#identity-provider-scopes). | Optional |
 | `authenticate.idp.serviceAccount` | Identity Provider [service account](https://www.pomerium.io/docs/reference/reference.html#identity-provider-service-account). | Optional |
 | `authenticate.replicaCount` | Number of Authenticate pods to run | `1` |
 | `authenticate.existingTLSSecret` | Name of existing TLS Secret for authenticate service | |
diff --git a/charts/pomerium/templates/authenticate-deployment.yaml b/charts/pomerium/templates/authenticate-deployment.yaml
index 5cba43e6..925df0d8 100644
--- a/charts/pomerium/templates/authenticate-deployment.yaml
+++ b/charts/pomerium/templates/authenticate-deployment.yaml
@@ -81,6 +81,8 @@ spec:
 key: shared-secret
 - name: IDP_PROVIDER
 value: {{ .Values.authenticate.idp.provider }}
+ - name: IDP_SCOPES
+ value: {{ .Values.authenticate.idp.scopes }}
 - name: IDP_CLIENT_ID
 valueFrom:
 secretKeyRef:
diff --git a/charts/pomerium/values.yaml b/charts/pomerium/values.yaml
index 789f49d8..5deafa28 100644
--- a/charts/pomerium/values.yaml
+++ b/charts/pomerium/values.yaml
@@ -18,7 +18,7 @@ config:
 forceGenerateTLS: false
 extraOpts: {}
 existingPolicy: ""
- policy: {}
+ policy: []

 authenticate:
 fullnameOverride: ""
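Review bot: `IDP_SCOPES` is emitted unconditionally and unquoted in the two added lines of authenticate-deployment.yaml, so with the default `scopes: ""` added in values.yaml the entry renders as a bare `value:` (YAML null), and a value given as a YAML list or containing `: ` or ` #` renders as something other than a string. Emit the variable only when it is set and quote it: wrap the entry in `{{- if .Values.authenticate.idp.scopes }}` … `{{- end }}` and use `value: {{ .Values.authenticate.idp.scopes | quote }}`. Scopes determine which identity claims the IdP returns, so a mangled or unintentionally empty value here could change what the authorization policy is evaluated against; how Pomerium treats an empty `IDP_SCOPES` should be confirmed. The env list this entry belongs to starts and ends outside the hunk.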
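Review bot: The default for `policy` in values.yaml changes type from a mapping (`{}`) to a sequence (`[]`), which the commit message ("Add IDP Scope option") does not mention. The template that consumes `config.policy` is not part of this diff, so it is worth confirming that it handles an empty list the same way as the old empty map, and that existing overrides which still pass a mapping fail loudly rather than silently render no policy, since this value presumably carries the route authorization rules. A comment above the key would record the expected shape, for example `# list of route policy entries (YAML sequence, not a mapping)`.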
@@ -32,6 +32,7 @@ authenticate:
 clientID: "REPLACE_ME"
 clientSecret: "REPLACE_ME"
 url: ""
+ scopes: ""
 serviceAccount: ""
 tls:
 cert: ""
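Review bot: The new `scopes: ""` default carries no comment on the expected format or on what an empty value means, and the README row added in this commit only links out. A comment above the key would help, for example `# comma-separated OAuth scopes requested from the IdP; leave empty to keep the provider defaults`. As far as I recall, Pomerium's reference describes custom scopes as replacing a built-in provider's defaults rather than extending them (confirm for appVersion 0.6.2), so the comment should also say that dropping a scope the policy relies on, such as the one that supplies group claims, changes authorization outcomes. The enclosing mapping starts outside the hunk.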