Skip to content

Commit d5b9357

Browse files
authored
Merge branch 'main' into fix/rwx-pvc-resource-map-groups-4310
2 parents ed959b3 + 283fbdc commit d5b9357

File tree

8 files changed

+19
-9
lines changed

8 files changed

+19
-9
lines changed

.github/workflows/helm-chart-release.yml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -80,10 +80,9 @@ jobs:
8080

8181
- name: Push Charts to GHCR
8282
run: |
83-
for pkg in .cr-release-packages/*; do
83+
for pkg in .cr-release-packages/*.tgz; do
8484
if [ -z "${pkg:-}" ]; then
8585
break
8686
fi
87-
8887
helm push "${pkg}" oci://ghcr.io/${{ github.repository }}/charts
8988
done

charts/headlamp/README.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ $ helm install my-headlamp headlamp/headlamp \
9090
| config.oidc.secret.name | string | `"oidc"` | Name of the OIDC secret |
9191
| config.oidc.externalSecret.enabled | bool | `false` | Enable using external secret for OIDC |
9292
| config.oidc.externalSecret.name | string | `""` | Name of external OIDC secret |
93-
| config.oidc.meUserInfoURL | string | `""` | URL to fetch additional user info for the /me endpoint. For oauth2proxy /oauth2/userinfo can be used. |
93+
| config.oidc.meUserInfoURL | string | `""` | URL to fetch additional user info for the /me endpoint. Useful for providers like oauth2-proxy. |
9494

9595
There are three ways to configure OIDC:
9696

@@ -102,6 +102,7 @@ config:
102102
clientSecret: "your-client-secret"
103103
issuerURL: "https://your-issuer"
104104
scopes: "openid profile email"
105+
meUserInfoURL: "https://headlamp.example.com/oauth2/userinfo"
105106
```
106107
107108
2. Using automatic secret creation:

charts/headlamp/templates/deployment.yaml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -212,7 +212,7 @@ spec:
212212
{{- end }}
213213
{{- if $oidc.useAccessToken }}
214214
- name: OIDC_USE_ACCESS_TOKEN
215-
value: {{ $oidc.useAccessToken }}
215+
value: {{ $oidc.useAccessToken | quote }}
216216
{{- end }}
217217
{{- if $oidc.usePKCE }}
218218
- name: OIDC_USE_PKCE
@@ -388,6 +388,9 @@ spec:
388388
{{- toYaml $defaultSC | nindent 12 }}
389389
{{- end }}
390390
{{- end }}
391+
{{- with .Values.extraContainers }}
392+
{{- toYaml . | nindent 8 }}
393+
{{- end }}
391394
{{- with .Values.nodeSelector }}
392395
nodeSelector:
393396
{{- toYaml . | nindent 8 }}

charts/headlamp/templates/secret.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,5 +34,8 @@ data:
3434
{{- with .usePKCE }}
3535
usePKCE: {{ . | toString | b64enc | quote }}
3636
{{- end }}
37+
{{- with .meUserInfoURL }}
38+
meUserInfoURL: {{ . | b64enc | quote }}
39+
{{- end }}
3740
{{- end }}
3841
{{- end }}

charts/headlamp/tests/expected_templates/me-user-info-url.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ metadata:
2020
namespace: default
2121
type: Opaque
2222
data:
23+
meUserInfoURL: "L29hdXRoMi91c2VyaW5mb2N1c3RvbTI="
2324
---
2425
# Source: headlamp/templates/clusterrolebinding.yaml
2526
apiVersion: rbac.authorization.k8s.io/v1

charts/headlamp/tests/expected_templates/oidc-validator-overrides.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -111,7 +111,7 @@ spec:
111111
- name: OIDC_VALIDATOR_ISSUER_URL
112112
value: overriddenIssuerURL
113113
- name: OIDC_USE_ACCESS_TOKEN
114-
value: true
114+
value: "true"
115115
args:
116116
- "-in-cluster"
117117
- "-in-cluster-context-name=main"

charts/headlamp/values.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,9 @@ namespaceOverride: ""
2828
# -- An optional list of init containers to be run before the main containers.
2929
initContainers: []
3030

31+
# -- An optional list of extra containers to be run along side the main containers.
32+
extraContainers: []
33+
3134
config:
3235
inCluster: true
3336
inClusterContextName: "main"

docs/installation/in-cluster/dex/index.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -157,10 +157,10 @@ To configure Headlamp, you can use the Headlamp Helm chart. Follow these steps t
157157
```yaml title="values.yaml"
158158
config:
159159
oidc:
160-
clientID: "<YOUR-CLIENT-ID>"
161-
clientSecret: "<YOUR-CLIENT-SECRET>"
162-
issuerURL: "<YOUR-DEX-URL>"
163-
scopes: "email"
160+
clientID: "<YOUR-CLIENT-ID>"
161+
clientSecret: "<YOUR-CLIENT-SECRET>"
162+
issuerURL: "<YOUR-DEX-URL>"
163+
scopes: "email"
164164
```
165165
166166
Replace `<YOUR-CLIENT-ID>`,`<YOUR-CLIENT-SECRET>`,`<YOUR-DEX-URL>` with your specific OIDC configuration details.

0 commit comments

Comments
 (0)