From a30d4ceffa2f8c0470cb6bd86161de4beaffdb8a Mon Sep 17 00:00:00 2001 From: Jonas Juselius Date: Wed, 31 Jan 2024 18:29:21 +0100 Subject: [PATCH] fix: update dex --- dex/{application.yaml => applicationset.yaml} | 5 +++-- dex/{ => manifests}/dex-config.yaml | 1 - dex/{ => manifests}/dex-volumes.yaml | 5 ++--- dex/prod-values.yaml | 17 +++++++++++++++++ dex/staging-values.yaml | 17 +++++++++++++++++ dex/values.yaml | 16 ---------------- 6 files changed, 39 insertions(+), 22 deletions(-) rename dex/{application.yaml => applicationset.yaml} (88%) rename dex/{ => manifests}/dex-config.yaml (99%) rename dex/{ => manifests}/dex-volumes.yaml (89%) create mode 100644 dex/prod-values.yaml create mode 100644 dex/staging-values.yaml diff --git a/dex/application.yaml b/dex/applicationset.yaml similarity index 88% rename from dex/application.yaml rename to dex/applicationset.yaml index 3dc94cc9..53c79d29 100644 --- a/dex/application.yaml +++ b/dex/applicationset.yaml @@ -20,7 +20,7 @@ spec: project: atlantis destination: server: https://kubernetes.default.svc - namespace: atlantis + namespace: idp source: - repoURL: https://charts.dexidp.io targetRevision: 0.16.0 @@ -28,7 +28,8 @@ spec: helm: valueFiles: - $values/dex/values.yaml + - $values/dex/{{ env }}-values.yaml - repoURL: https://gitlab.com/oceanbox/manifests.git targetRevision: HEAD - path: cerbos/manifests + path: dex/manifests ref: values diff --git a/dex/dex-config.yaml b/dex/manifests/dex-config.yaml similarity index 99% rename from dex/dex-config.yaml rename to dex/manifests/dex-config.yaml index 2ed8e32e..f9eefa1a 100644 --- a/dex/dex-config.yaml +++ b/dex/manifests/dex-config.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Secret metadata: name: dex - namespace: atlantis type: Opaque stringData: config.yaml: | diff --git a/dex/dex-volumes.yaml b/dex/manifests/dex-volumes.yaml similarity index 89% rename from dex/dex-volumes.yaml rename to dex/manifests/dex-volumes.yaml index a1651f08..85792216 100644 --- a/dex/dex-volumes.yaml +++ b/dex/manifests/dex-volumes.yaml @@ -4,7 +4,7 @@ metadata: name: pv-oceanbox-dex spec: accessModes: - - ReadWriteOnce + - ReadOnlyMany capacity: storage: 50M mountOptions: @@ -20,10 +20,9 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: oceanbox-dex - namespace: atlantis spec: accessModes: - - ReadWriteOnce + - ReadOnlyMany resources: requests: storage: 50M diff --git a/dex/prod-values.yaml b/dex/prod-values.yaml new file mode 100644 index 00000000..6163f635 --- /dev/null +++ b/dex/prod-values.yaml @@ -0,0 +1,17 @@ +ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-staging + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: idp.srv.oceanbox.io + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: prod-dex-tls + hosts: + - idp.srv.oceanbox.io + + diff --git a/dex/staging-values.yaml b/dex/staging-values.yaml new file mode 100644 index 00000000..63850a87 --- /dev/null +++ b/dex/staging-values.yaml @@ -0,0 +1,17 @@ +ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-staging + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: idp.beta.oceanbox.io + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: staging-dex-tls + hosts: + - idp.beta.oceanbox.io + + diff --git a/dex/values.yaml b/dex/values.yaml index db4be576..e3660a0c 100644 --- a/dex/values.yaml +++ b/dex/values.yaml @@ -33,21 +33,5 @@ service: port: 5557 nodePort: -ingress: - enabled: true - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-staging - nginx.ingress.kubernetes.io/ssl-redirect: "true" - hosts: - - host: idp.srv.oceanbox.io - paths: - - path: / - pathType: ImplementationSpecific - tls: - - secretName: dex-tls - hosts: - - idp.srv.oceanbox.io - serviceMonitor: enabled: true