Skip to content

Commit

Permalink
Update README (#58)
Browse files Browse the repository at this point in the history
  • Loading branch information
@travisgroth
travisgroth authored Feb 15, 2020
1 parent 9973a3d commit c66dcb6
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 10 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@ jobs:
- name: Install helm
uses: azure/setup-helm@v1
id: install
with:
version: v3.0.3

- name: "Add stable repo"
run: "helm repo add stable https://kubernetes-charts.storage.googleapis.com"
Expand Down
2 changes: 1 addition & 1 deletion charts/pomerium/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v1
name: pomerium
version: 5.0.4
version: 5.0.5
appVersion: 0.6.2
home: http://www.pomerium.io/
icon: https://www.pomerium.io/logo-long.svg
Expand Down
17 changes: 8 additions & 9 deletions charts/pomerium/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,17 @@
- [Install the chart](#install-the-chart)
- [Uninstalling the Chart](#uninstalling-the-chart)
- [TLS Certificates](#tls-certificates)
- [Ingress Controller Annotations](#ingress-controller-annotations)
- [Auto Generation](#auto-generation)
- [Self Provisioned](#self-provisioned)
- [Configuration](#configuration)
- [Changelog](#changelog)
- [5.0.0](#500)
- [4.0.0](#400)
- [3.0.0](#300)
- [2.0.0](#200)
- [Upgrading](#upgrading)
- [5.0.0](#500-1)
- [4.0.0](#400-1)
- [3.0.0](#300-1)
- [2.0.0](#200-1)
Expand All @@ -35,21 +38,13 @@ helm install my-release pomerium/pomerium
An example of a minimal, but complete installation of pomerium with identity provider settings, random secrets, certificates, and external URLs is as follows:

```sh
kubectl create configmap config --from-file="config.yaml"="$HOME/pomerium/docs/docs/examples/config/config.example.yaml"

helm install my-release pomerium/pomerium\
--set service.type="NodePort" \
--set config.rootDomain="corp.beyondperimeter.com" \
--set config.existingConfig="config" \
--set config.sharedSecret=$(head -c32 /dev/urandom | base64) \
--set config.cookieSecret=$(head -c32 /dev/urandom | base64) \
--set ingress.secret.name="pomerium-tls" \
--set ingress.secret.cert=$(base64 -i "$HOME/.acme.sh/*.corp.beyondperimeter.com_ecc/fullchain.cer") \
--set ingress.secret.key=$(base64 -i "$HOME/.acme.sh/*.corp.beyondperimeter.com_ecc/*.corp.beyondperimeter.com.key") \
--set authenticate.idp.provider="google" \
--set authenticate.idp.clientID="REPLACE_ME" \
--set authenticate.idp.clientSecret="REPLACE_ME"

```

## Uninstalling the Chart
Expand All @@ -64,6 +59,10 @@ The command removes nearly all the Kubernetes components associated with the cha

## TLS Certificates

### Ingress Controller Annotations

Pomerium uses TLS for all components. You may need to configure your ingress controller to communicate with pomerium over TLS.

### Auto Generation

In default configuration, this chart will automatically generate TLS certificates in a helm `pre-install` hook for the Pomerium services to communicate with.
Expand Down Expand Up @@ -149,7 +148,7 @@ A full listing of Pomerium's configuration variables can be found on the [config
| `tracing.jaeger.collector_endpoint` | The jaeger collector endpoint | Required |
| `tracing.jaeger.agent_endpoint` | The jaeger agent endpoint | Required |
| `ingress.enabled` | Enables Ingress for pomerium | `true` |
| `ingress.annotations` | Ingress annotations | `{}` |
| `ingress.annotations` | Ingress annotations. Ensure you set appropriate annotations for TLS backend and large URLs if using Azure. | `{}` |
| `ingress.hosts` | Ingress accepted hostnames | `[]` |
| `ingress.tls` | Ingress TLS configuration | `[]` |
| `metrics.enabled` | Enable prometheus metrics endpoint | `false` |
Expand Down

0 comments on commit c66dcb6

Please sign in to comment.