mirror of
https://github.com/bitnami/charts.git
synced 2026-02-28 15:37:42 +08:00
[bitnami/oauth2-proxy] add useApplicationDefaultCredentials google (#30309)
* [bitnami/oauth2-proxy] add useApplicationDefaultCredentials google Signed-off-by: claudio_viera <cl_fran_vm@hotmail.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/oauth2-proxy] add useApplicationDefaultCredentials google Signed-off-by: claudio_viera <cl_fran_vm@hotmail.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: claudio_viera <cl_fran_vm@hotmail.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
This commit is contained in:
committed by
GitHub
parent
7409ca4c21
commit
5ee114cbf8
@@ -1,8 +1,14 @@
|
||||
# Changelog
|
||||
|
||||
## 6.0.6 (2024-11-07)
|
||||
## 6.1.0 (2024-11-26)
|
||||
|
||||
* [bitnami/oauth2-proxy] Release 6.0.6 ([#30288](https://github.com/bitnami/charts/pull/30288))
|
||||
* [bitnami/oauth2-proxy] add useApplicationDefaultCredentials google ([#30309](https://github.com/bitnami/charts/pull/30309))
|
||||
|
||||
## <small>6.0.6 (2024-11-07)</small>
|
||||
|
||||
* [bitnami/*] Remove wrong comment about imagePullPolicy (#30107) ([a51f9e4](https://github.com/bitnami/charts/commit/a51f9e4bb0fbf77199512d35de7ac8abe055d026)), closes [#30107](https://github.com/bitnami/charts/issues/30107)
|
||||
* [bitnami/oauth2-proxy] Release 6.0.6 (#30288) ([763b6aa](https://github.com/bitnami/charts/commit/763b6aad5acfa854f0e62dfdb026ef78e2803f57)), closes [#30288](https://github.com/bitnami/charts/issues/30288)
|
||||
* Update documentation links to techdocs.broadcom.com (#29931) ([f0d9ad7](https://github.com/bitnami/charts/commit/f0d9ad78f39f633d275fc576d32eae78ded4d0b8)), closes [#29931](https://github.com/bitnami/charts/issues/29931)
|
||||
|
||||
## <small>6.0.5 (2024-10-08)</small>
|
||||
|
||||
|
||||
@@ -35,4 +35,4 @@ maintainers:
|
||||
name: oauth2-proxy
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/oauth2-proxy
|
||||
version: 6.0.6
|
||||
version: 6.1.0
|
||||
|
||||
@@ -209,28 +209,29 @@ The [Bitnami OAuth2 Proxy](https://github.com/bitnami/containers/tree/main/bitna
|
||||
|
||||
### OAuth2 Proxy configuration parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------------------------ | -------------------------------------------------------------------------------------------------------- | ------------------ |
|
||||
| `configuration.clientID` | OAuth client ID | `XXXXXXX` |
|
||||
| `configuration.clientSecret` | OAuth client secret | `XXXXXXXX` |
|
||||
| `configuration.cookieSecret` | OAuth cookie secret | `XXXXXXXXXXXXXXXX` |
|
||||
| `configuration.existingSecret` | Secret with the client ID, secret and cookie secret | `""` |
|
||||
| `configuration.google.enabled` | Enable Google service account | `false` |
|
||||
| `configuration.google.adminEmail` | Google admin email | `""` |
|
||||
| `configuration.google.groups` | Restrict logins to members of these google groups | `[]` |
|
||||
| `configuration.google.serviceAccountJson` | Google Service account JSON | `""` |
|
||||
| `configuration.google.existingSecret` | Existing secret containing Google Service Account | `""` |
|
||||
| `configuration.content` | Default configuration | `""` |
|
||||
| `configuration.existingConfigmap` | Configmap with the OAuth2 Proxy configuration | `""` |
|
||||
| `configuration.authenticatedEmailsFile.enabled` | Enable authenticated emails file | `false` |
|
||||
| `configuration.authenticatedEmailsFile.content` | Restricted access list (one email per line) | `""` |
|
||||
| `configuration.authenticatedEmailsFile.existingSecret` | Secret with the authenticated emails file | `""` |
|
||||
| `configuration.htpasswdFile.enabled` | Enable htpasswd file | `false` |
|
||||
| `configuration.htpasswdFile.existingSecret` | Existing secret for htpasswd file | `""` |
|
||||
| `configuration.htpasswdFile.content` | htpasswd file entries (one row per user) | `""` |
|
||||
| `configuration.oidcIssuerUrl` | OpenID Connect issuer URL | `""` |
|
||||
| `configuration.redirectUrl` | OAuth Redirect URL | `""` |
|
||||
| `configuration.whiteList` | Allowed domains for redirection after authentication. Prefix domain with a . or a *. to allow subdomains | `""` |
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------ |
|
||||
| `configuration.clientID` | OAuth client ID | `XXXXXXX` |
|
||||
| `configuration.clientSecret` | OAuth client secret | `XXXXXXXX` |
|
||||
| `configuration.cookieSecret` | OAuth cookie secret | `XXXXXXXXXXXXXXXX` |
|
||||
| `configuration.existingSecret` | Secret with the client ID, secret and cookie secret | `""` |
|
||||
| `configuration.google.enabled` | Enable Google service account | `false` |
|
||||
| `configuration.google.useApplicationDefaultCredentials` | Use the application-default credentials (i.e. Workload Identity on GKE) instead of providing a service account JSON | `false` |
|
||||
| `configuration.google.adminEmail` | Google admin email | `""` |
|
||||
| `configuration.google.groups` | Restrict logins to members of these google groups | `[]` |
|
||||
| `configuration.google.serviceAccountJson` | Google Service account JSON | `""` |
|
||||
| `configuration.google.existingSecret` | Existing secret containing Google Service Account | `""` |
|
||||
| `configuration.content` | Default configuration | `""` |
|
||||
| `configuration.existingConfigmap` | Configmap with the OAuth2 Proxy configuration | `""` |
|
||||
| `configuration.authenticatedEmailsFile.enabled` | Enable authenticated emails file | `false` |
|
||||
| `configuration.authenticatedEmailsFile.content` | Restricted access list (one email per line) | `""` |
|
||||
| `configuration.authenticatedEmailsFile.existingSecret` | Secret with the authenticated emails file | `""` |
|
||||
| `configuration.htpasswdFile.enabled` | Enable htpasswd file | `false` |
|
||||
| `configuration.htpasswdFile.existingSecret` | Existing secret for htpasswd file | `""` |
|
||||
| `configuration.htpasswdFile.content` | htpasswd file entries (one row per user) | `""` |
|
||||
| `configuration.oidcIssuerUrl` | OpenID Connect issuer URL | `""` |
|
||||
| `configuration.redirectUrl` | OAuth Redirect URL | `""` |
|
||||
| `configuration.whiteList` | Allowed domains for redirection after authentication. Prefix domain with a . or a *. to allow subdomains | `""` |
|
||||
|
||||
### OAuth2 Proxy deployment parameters
|
||||
|
||||
|
||||
@@ -99,7 +99,11 @@ spec:
|
||||
{{- end }}
|
||||
{{- if .Values.configuration.google.enabled }}
|
||||
- --google-admin-email={{ .Values.configuration.google.adminEmail }}
|
||||
{{- if .Values.configuration.google.useApplicationDefaultCredentials }}
|
||||
- --google-use-application-default-credentials=true
|
||||
{{- else }}
|
||||
- --google-service-account-json=/bitnami/oauth2-proxy/conf/google/service-account.json
|
||||
{{- end }}
|
||||
{{- if .Values.configuration.google.groups }}
|
||||
{{- range $group := .Values.configuration.google.groups }}
|
||||
- --google-group={{ $group }}
|
||||
|
||||
@@ -352,6 +352,7 @@ configuration:
|
||||
## Alternatively, use an existing secret (see secret-google.yaml for required fields)
|
||||
##
|
||||
## @param configuration.google.enabled Enable Google service account
|
||||
## @param configuration.google.useApplicationDefaultCredentials Use the application-default credentials (i.e. Workload Identity on GKE) instead of providing a service account JSON
|
||||
## @param configuration.google.adminEmail Google admin email
|
||||
## @param configuration.google.groups Restrict logins to members of these google groups
|
||||
## @param configuration.google.serviceAccountJson Google Service account JSON
|
||||
@@ -359,6 +360,7 @@ configuration:
|
||||
##
|
||||
google:
|
||||
enabled: false
|
||||
useApplicationDefaultCredentials: false
|
||||
adminEmail: ""
|
||||
groups: []
|
||||
serviceAccountJson: ""
|
||||
|
||||
Reference in New Issue
Block a user