diff --git a/charts/dex/Chart.yaml b/charts/dex/Chart.yaml index 107c5877..f44ea567 100644 --- a/charts/dex/Chart.yaml +++ b/charts/dex/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 type: application name: dex -version: 0.6.3 +version: 0.6.4 appVersion: "2.30.0" kubeVersion: ">=1.14.0-0" description: OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors. @@ -26,3 +26,8 @@ annotations: artifacthub.io/images: | - name: dex image: ghcr.io/dexidp/dex:v2.30.0 + +dependencies: + - name: common + version: 1.*.* + repository: https://charts.bitnami.com/bitnami diff --git a/charts/dex/templates/deployment.yaml b/charts/dex/templates/deployment.yaml index 386a43f7..cba6286a 100644 --- a/charts/dex/templates/deployment.yaml +++ b/charts/dex/templates/deployment.yaml @@ -4,6 +4,13 @@ metadata: name: {{ include "dex.fullname" . }} labels: {{- include "dex.labels" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} @@ -14,14 +21,17 @@ spec: template: metadata: annotations: - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 8 }} + {{- if .Values.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} {{ if .Values.configSecret.create }} checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} {{- end }} labels: - {{- include "dex.selectorLabels" . | nindent 8 }} + {{- include "dex.labels" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: @@ -34,7 +44,7 @@ spec: securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} {{- with .Values.hostAliases }} - hostAliases: + hostAliases: {{- toYaml . | nindent 8 }} {{- end }} containers: diff --git a/charts/dex/templates/hpa.yaml b/charts/dex/templates/hpa.yaml index f381c7d7..d6abdd91 100644 --- a/charts/dex/templates/hpa.yaml +++ b/charts/dex/templates/hpa.yaml @@ -5,6 +5,13 @@ metadata: name: {{ include "dex.fullname" . }} labels: {{- include "dex.labels" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/dex/templates/ingress.yaml b/charts/dex/templates/ingress.yaml index bde85896..3330a70a 100644 --- a/charts/dex/templates/ingress.yaml +++ b/charts/dex/templates/ingress.yaml @@ -18,10 +18,16 @@ metadata: name: {{ $fullName }} labels: {{- include "dex.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} annotations: - {{- toYaml . | nindent 4 }} - {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- with .Values.ingress.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} ingressClassName: {{ .Values.ingress.className }} diff --git a/charts/dex/templates/poddisruptionbudget.yaml b/charts/dex/templates/poddisruptionbudget.yaml index 6ec1032a..f1372ac2 100644 --- a/charts/dex/templates/poddisruptionbudget.yaml +++ b/charts/dex/templates/poddisruptionbudget.yaml @@ -8,7 +8,14 @@ kind: PodDisruptionBudget metadata: name: {{ template "dex.fullname" . }} labels: -{{ include "dex.labels" . | indent 4 }} + {{ include "dex.labels" . | indent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: {{- with .Values.podDisruptionBudget.minAvailable }} minAvailable: {{ . }} diff --git a/charts/dex/templates/rbac.yaml b/charts/dex/templates/rbac.yaml index 4ec0bb82..8f1f136b 100644 --- a/charts/dex/templates/rbac.yaml +++ b/charts/dex/templates/rbac.yaml @@ -5,6 +5,13 @@ metadata: name: {{ include "dex.fullname" . }} labels: {{- include "dex.labels" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} rules: - apiGroups: ["dex.coreos.com"] resources: ["*"] diff --git a/charts/dex/templates/secret.yaml b/charts/dex/templates/secret.yaml index 27d39546..3b30b00f 100644 --- a/charts/dex/templates/secret.yaml +++ b/charts/dex/templates/secret.yaml @@ -5,6 +5,13 @@ metadata: name: {{ include "dex.configSecretName" . }} labels: {{- include "dex.labels" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque data: config.yaml: {{ .Values.config | toYaml | b64enc | quote }} diff --git a/charts/dex/templates/service.yaml b/charts/dex/templates/service.yaml index 8114e8d5..74a9d1e0 100644 --- a/charts/dex/templates/service.yaml +++ b/charts/dex/templates/service.yaml @@ -4,10 +4,16 @@ metadata: name: {{ include "dex.fullname" . }} labels: {{- include "dex.labels" . | nindent 4 }} - {{- with .Values.service.annotations }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} annotations: - {{- toYaml . | nindent 4 }} - {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- with .Values.service.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: type: {{ .Values.service.type }} {{- with .Values.service.clusterIP }} diff --git a/charts/dex/templates/serviceaccount.yaml b/charts/dex/templates/serviceaccount.yaml index 30c3ddd9..f248db86 100644 --- a/charts/dex/templates/serviceaccount.yaml +++ b/charts/dex/templates/serviceaccount.yaml @@ -5,8 +5,14 @@ metadata: name: {{ include "dex.serviceAccountName" . }} labels: {{- include "dex.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} annotations: - {{- toYaml . | nindent 4 }} - {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/dex/values.yaml b/charts/dex/values.yaml index 11cfb15a..884cf6eb 100644 --- a/charts/dex/values.yaml +++ b/charts/dex/values.yaml @@ -24,6 +24,13 @@ nameOverride: "" # -- A name to substitute for the full names of resources. fullnameOverride: "" +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} + # -- A list of hosts and IPs that will be injected into the pod's hosts file if specified. # See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#hostname-and-name-resolution) hostAliases: [] @@ -83,7 +90,13 @@ rbac: # If disabled, the operator is responsible for creating the necessary resources based on the templates. create: true -# -- Annotations to be added to pods. +## @param podLabels Extra labels for OAuth2 Proxy pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} +## @param podAnnotations Annotations for OAuth2 Proxy pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## podAnnotations: {} podDisruptionBudget: @@ -102,12 +115,14 @@ priorityClassName: "" # -- Pod [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod). # See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) for details. -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 # -- Container [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container). # See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1) for details. -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -155,7 +170,8 @@ ingress: className: "" # -- Annotations to be added to the ingress. - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" @@ -177,7 +193,8 @@ ingress: # -- Container resource [requests and limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). # See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#resources) for details. # @default -- No requests or limits. -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following