MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add clientId existing secret option (#18768)

This commit is contained in:
Thomas Petit 2024-03-03 17:17:00 +01:00 committed by Harshavardhana
parent 6d08af61a0
commit 09b0e7133d
3 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
helm/minio/templates/deployment.yaml
View File

@ -118,7 +118,14 @@ spec:
- name: MINIO_IDENTITY_OPENID_CONFIG_URL - name: MINIO_IDENTITY_OPENID_CONFIG_URL
value: {{ .Values.oidc.configUrl }} value: {{ .Values.oidc.configUrl }}
- name: MINIO_IDENTITY_OPENID_CLIENT_ID - name: MINIO_IDENTITY_OPENID_CLIENT_ID
{{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientIdKey }}
valueFrom:
secretKeyRef:
name: {{ .Values.oidc.existingClientSecretName }}
key: {{ .Values.oidc.existingClientIdKey }}
{{- else }}
value: {{ .Values.oidc.clientId }} value: {{ .Values.oidc.clientId }}
{{- end }}
- name: MINIO_IDENTITY_OPENID_CLIENT_SECRET - name: MINIO_IDENTITY_OPENID_CLIENT_SECRET
{{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientSecretKey }} {{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientSecretKey }}
valueFrom: valueFrom:

7
helm/minio/templates/statefulset.yaml
View File

@ -156,7 +156,14 @@ spec:
- name: MINIO_IDENTITY_OPENID_CONFIG_URL - name: MINIO_IDENTITY_OPENID_CONFIG_URL
value: {{ .Values.oidc.configUrl }} value: {{ .Values.oidc.configUrl }}
- name: MINIO_IDENTITY_OPENID_CLIENT_ID - name: MINIO_IDENTITY_OPENID_CLIENT_ID
{{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientIdKey }}
valueFrom:
secretKeyRef:
name: {{ .Values.oidc.existingClientSecretName }}
key: {{ .Values.oidc.existingClientIdKey }}
{{- else }}
value: {{ .Values.oidc.clientId }} value: {{ .Values.oidc.clientId }}
{{- end }}
- name: MINIO_IDENTITY_OPENID_CLIENT_SECRET - name: MINIO_IDENTITY_OPENID_CLIENT_SECRET
{{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientSecretKey }} {{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientSecretKey }}
valueFrom: valueFrom:

3
helm/minio/values.yaml
View File

@ -486,8 +486,9 @@ oidc:
configUrl: "https://identity-provider-url/.well-known/openid-configuration" configUrl: "https://identity-provider-url/.well-known/openid-configuration"
clientId: "minio" clientId: "minio"
clientSecret: "" clientSecret: ""
# Provide existing client secret from the Kubernetes Secret resource, existing secret will have priority over `clientSecret` # Provide existing client secret from the Kubernetes Secret resource, existing secret will have priority over `clientId` and/or `clientSecret``
existingClientSecretName: "" existingClientSecretName: ""
existingClientIdKey: ""
existingClientSecretKey: "" existingClientSecretKey: ""
claimName: "policy" claimName: "policy"
scopes: "openid,profile,email" scopes: "openid,profile,email"