platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix(dex): Allow cors

Browse Source
This commit is contained in:
Moritz Jörg
2026-03-14 17:26:40 +01:00
parent 0b2119b769
commit cd2280b5ed
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
values/dex/values/values.yaml
+7 -1
View File
@@ -14,7 +14,7 @@ config:
mode: disable mode: disable
web: web:
http: 0.0.0.0:5556 http: 0.0.0.0:5556
allowedOrigins: ["*"] # CORS is handled by nginx ingress annotations below instead of at the application level
frontend: frontend:
# theme: light # theme: light
theme: coreos theme: coreos
@@ -159,6 +159,12 @@ ingress:
cert-manager.io/cluster-issuer: letsencrypt-production cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/backend-protocol: HTTP
# CORS: allow browser-based OIDC flows (e.g. token introspection, JWKS fetch)
# TODO: migrate to Gateway API HTTPRoute with ResponseHeaderModifier filter when cilium gateway supports it cluster-wide
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-origin: "*"
nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, OPTIONS"
nginx.ingress.kubernetes.io/cors-allow-headers: "Authorization, Content-Type"
hosts: hosts:
- host: auth.adm.oceanbox.io - host: auth.adm.oceanbox.io
paths: paths: