go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-04-25 12:24:41 +02:00
Code Issues Releases Activity

chore: Added renovate configuration

Browse Source
This commit is contained in:
kvanzuijlen 2024-01-27 09:57:42 +01:00
parent 84e1cc24e3
commit dd5576f2b2
No known key found for this signature in database
GPG Key ID: 3BD884D2AE99AD59
20 changed files with 2114 additions and 2251 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/labeler.yml vendored
View File

@ -9,7 +9,7 @@ docs:
- '**/*.md' - '**/*.md'
changelog: changelog:
- cNhanged-files: - changed-files:
- any-glob-to-any-file: - any-glob-to-any-file:
- 'CHAGELOG.md' - 'CHAGELOG.md'

35
.github/renovate.json5 vendored
View File

@ -1,12 +1,31 @@
{ {
$schema: "https://docs.renovatebot.com/renovate-schema.json", $schema: "https://docs.renovatebot.com/renovate-schema.json",
semanticCommits: "auto", semanticCommits: "enabled",
schedule: [
"after 8am on sunday"
],
prConcurrentLimit: 0,
prHourlyLimit: 0,
enabledManagers: [ enabledManagers: [
"dockerfile", "dockerfile",
"docker-compose",
"gomod", "gomod",
"github-actions", "github-actions",
"helmv3",
"npm", "npm",
"regex", "regex"
],
packageRules: [
{
matchManagers: [
"dockerfile",
"docker-compose",
"gomod",
"helmv3",
"npm"
],
groupName: "{{{manager}}}"
}
], ],
customManagers: [ customManagers: [
{ {
@ -18,7 +37,15 @@
"DOCKER_BUILD_RUNTIME_IMAGE_ALPINE\\s+?\\?= alpine:(?<currentValue>.*)\\s" "DOCKER_BUILD_RUNTIME_IMAGE_ALPINE\\s+?\\?= alpine:(?<currentValue>.*)\\s"
], ],
depNameTemplate: "alpine", depNameTemplate: "alpine",
datasourceTemplate: "docker", datasourceTemplate: "docker"
}, },
], {
customType: "regex",
fileMatch: ["(^|/)\\.github/workflows/[^/]+\\.ya?ml$", "(^|/)\\.github/[^/]+\\.sh$"],
matchStrings: [
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s+?[\\w\\s-]*?version: (?<currentValue>.*)\\s",
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s+?[\\w\\s]*?_VERSION: (?<currentValue>.*)\\s"
]
}
]
} }

14
.github/workflows/ci.yaml vendored
View File

@ -14,21 +14,25 @@ jobs:
build: build:
env: env:
COVER: true COVER: true
runs-on: ubuntu-22.04 runs-on: ubuntu-latest
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Set up Go 1.21 - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: 1.21 # renovate: datasource=golang-version depName=golang
go-version: 1.21.6
id: go id: go
- name: Get dependencies - name: Get dependencies
env:
# renovate: datasource=github-tags depName=golangci/golangci-lint
GOLANGCI_LINT_VERSION: v1.55.2
run: | run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.55.2 curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
chmod +x ./cc-test-reporter chmod +x ./cc-test-reporter
@ -51,7 +55,7 @@ jobs:
./.github/workflows/test.sh ./.github/workflows/test.sh
docker: docker:
runs-on: ubuntu-22.04 runs-on: ubuntu-latest
steps: steps:
- name: Check out code - name: Check out code

3
.github/workflows/create-release.yml vendored
View File

@ -56,7 +56,8 @@ jobs:
- name: Setup node - name: Setup node
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
node-version: latest # renovate: datasource=node-version depName=node
node-version: 20
- name: Update documentation - name: Update documentation
run: | run: |

2
.github/workflows/docs.yaml vendored
View File

@ -22,6 +22,7 @@ jobs:
- uses: actions/setup-node@v4 - uses: actions/setup-node@v4
with: with:
# renovate: datasource=node-version depName=node
node-version: 20 node-version: 20
cache: npm cache: npm
cache-dependency-path: "./docs/package-lock.json" cache-dependency-path: "./docs/package-lock.json"
@ -40,6 +41,7 @@ jobs:
- uses: actions/setup-node@v4 - uses: actions/setup-node@v4
with: with:
# renovate: datasource=node-version depName=node
node-version: 20 node-version: 20
- name: Build docusaurus - name: Build docusaurus

12
.github/workflows/publish-release.yml vendored
View File

@ -45,12 +45,18 @@ jobs:
- name: Set up go - name: Set up go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: 1.21 # renovate: datasource=golang-version depName=golang
go-version: 1.21.6
- name: Get dependencies - name: Get dependencies
env:
# renovate: datasource=github-tags depName=golangci/golangci-lint
GOLANGCI_LINT_VERSION: v1.55.2
# renovate: datasource=github-tags depName=codeclimate/test-reporter
CODECLIMATE_VERSION: v0.11.1
run: | run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.50.0 curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-${CODECLIMATE_VERSION}-linux-amd64 > ./cc-test-reporter
chmod +x ./cc-test-reporter chmod +x ./cc-test-reporter
# Install go depedencies # Install go depedencies

6
contrib/local-environment/docker-compose-gitea.yaml
View File

@ -14,7 +14,7 @@ version: '3.0'
services: services:
oauth2-proxy: oauth2-proxy:
container_name: oauth2-proxy container_name: oauth2-proxy
image: gitea-oauth #quay.io/oauth2-proxy/oauth2-proxy:v7.5.1 image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1
command: --config /oauth2-proxy.cfg command: --config /oauth2-proxy.cfg
hostname: oauth2-proxy hostname: oauth2-proxy
volumes: volumes:
@ -32,7 +32,7 @@ services:
httpbin: httpbin:
container_name: httpbin container_name: httpbin
image: kennethreitz/httpbin:latest image: kennethreitz/httpbin
hostname: httpbin hostname: httpbin
ports: ports:
- 8080:80 - 8080:80
@ -42,7 +42,7 @@ services:
- httpbin.localtest.me - httpbin.localtest.me
gitea: gitea:
image: gitea/gitea:latest image: gitea/gitea:1.21.4
container_name: gitea container_name: gitea
environment: environment:
- USER_UID=1000 - USER_UID=1000

2
contrib/local-environment/docker-compose-keycloak.yaml
View File

@ -43,7 +43,7 @@ services:
keycloak: keycloak:
container_name: keycloak container_name: keycloak
image: jboss/keycloak:10.0.0 image: jboss/keycloak:10.0.2
hostname: keycloak hostname: keycloak
command: command:
[ [

2
contrib/local-environment/docker-compose-nginx.yaml
View File

@ -30,7 +30,7 @@ services:
oauth2-proxy: {} oauth2-proxy: {}
nginx: nginx:
container_name: nginx container_name: nginx
image: nginx:1.18 image: nginx:1.25
restart: unless-stopped restart: unless-stopped
ports: ports:
- 80:80/tcp - 80:80/tcp

2
contrib/local-environment/docker-compose-traefik.yaml
View File

@ -33,7 +33,7 @@ services:
# Reverse proxy # Reverse proxy
gateway: gateway:
container_name: traefik container_name: traefik
image: traefik:2.4.2 image: traefik:2.10.7
volumes: volumes:
- "./traefik:/etc/traefik" - "./traefik:/etc/traefik"
ports: ports:

4
contrib/local-environment/docker-compose.yaml
View File

@ -29,7 +29,7 @@ services:
- httpbin - httpbin
dex: dex:
container_name: dex container_name: dex
image: ghcr.io/dexidp/dex:v2.30.3 image: ghcr.io/dexidp/dex:v2.38.0
command: dex serve /dex.yaml command: dex serve /dex.yaml
hostname: dex hostname: dex
volumes: volumes:
@ -55,7 +55,7 @@ services:
- httpbin.localtest.me - httpbin.localtest.me
etcd: etcd:
container_name: etcd container_name: etcd
image: gcr.io/etcd-development/etcd:v3.4.7 image: gcr.io/etcd-development/etcd:v3.5.11
entrypoint: /usr/local/bin/etcd entrypoint: /usr/local/bin/etcd
command: command:
- --listen-client-urls=http://0.0.0.0:2379 - --listen-client-urls=http://0.0.0.0:2379

3597
contrib/local-environment/keycloak/master-realm.json
View File

File diff suppressed because it is too large Load Diff

61
contrib/local-environment/keycloak/master-users-0.json
View File

@ -1,27 +1,38 @@
{ {
"realm" : "master", "realm": "master",
"users" : [ { "users": [
"id" : "3356c0a0-d4d5-4436-9c5a-2299c71c08ec", {
"createdTimestamp" : 1591297959169, "id": "3356c0a0-d4d5-4436-9c5a-2299c71c08ec",
"username" : "admin@example.com", "createdTimestamp": 1591297959169,
"email" : "admin@example.com", "username": "admin@example.com",
"enabled" : true, "email": "admin@example.com",
"totp" : false, "enabled": true,
"emailVerified" : true, "totp": false,
"credentials" : [ { "emailVerified": true,
"id" : "a1a06ecd-fdc0-4e67-92cd-2da22d724e32", "credentials": [
"type" : "password", {
"createdDate" : 1591297959315, "id": "a1a06ecd-fdc0-4e67-92cd-2da22d724e32",
"secretData" : "{\"value\":\"6rt5zuqHVHopvd0FTFE0CYadXTtzY0mDY2BrqnNQGS51/7DfMJeGgj0roNnGMGvDv30imErNmiSOYl+cL9jiIA==\",\"salt\":\"LI0kqr09JB7J9wvr2Hxzzg==\"}", "type": "password",
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" "createdDate": 1591297959315,
} ], "secretData": "{\"value\":\"6rt5zuqHVHopvd0FTFE0CYadXTtzY0mDY2BrqnNQGS51/7DfMJeGgj0roNnGMGvDv30imErNmiSOYl+cL9jiIA==\",\"salt\":\"LI0kqr09JB7J9wvr2Hxzzg==\"}",
"disableableCredentialTypes" : [ ], "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}"
"requiredActions" : [ ], }
"realmRoles" : [ "offline_access", "admin", "uma_authorization" ], ],
"clientRoles" : { "disableableCredentialTypes": [],
"account" : [ "view-profile", "manage-account" ] "requiredActions": [],
}, "realmRoles": [
"notBefore" : 0, "offline_access",
"groups" : [ ] "admin",
} ] "uma_authorization"
],
"clientRoles": {
"account": [
"view-profile",
"manage-account"
]
},
"notBefore": 0,
"groups": []
}
]
} }

16
contrib/local-environment/kubernetes/Chart.lock
View File

@ -1,15 +1,15 @@
dependencies: dependencies:
- name: dex - name: dex
repository: https://charts.helm.sh/stable repository: https://charts.dexidp.io
version: 2.11.0 version: 0.16.0
- name: oauth2-proxy - name: oauth2-proxy
repository: https://charts.helm.sh/stable repository: https://oauth2-proxy.github.io/manifests
version: 3.1.0 version: 6.23.1
- name: httpbin - name: httpbin
repository: https://conservis.github.io/helm-charts repository: https://conservis.github.io/helm-charts
version: 1.0.1 version: 1.1.0
- name: hello-world - name: hello-world
repository: https://conservis.github.io/helm-charts repository: https://conservis.github.io/helm-charts
version: 1.0.1 version: 1.1.0
digest: sha256:e325948ece1706bd9d9e439568985db41e9a0d57623d0f9638249cb0d23821b8 digest: sha256:00b9fe9ea476c873550f9ee1feef25f789053cd7333e68b1116212840dead0fb
generated: "2020-11-23T11:45:07.908898-08:00" generated: "2024-01-27T09:00:30.255018+01:00"

15
contrib/local-environment/kubernetes/Chart.yaml
View File

@ -1,19 +1,18 @@
apiVersion: v2 apiVersion: v2
description: K8S example based on https://kind.sigs.k8s.io description: K8S example based on https://kind.sigs.k8s.io
name: kubernetes name: kubernetes
version: 5.1.1
appVersion: 5.1.1
dependencies: dependencies:
- name: dex - name: dex
version: 2.11.0 version: 0.16.0
repository: https://charts.helm.sh/stable repository: https://charts.dexidp.io
- name: oauth2-proxy - name: oauth2-proxy
version: 3.1.0 version: &chartVersion 6.23.1
repository: https://charts.helm.sh/stable repository: https://oauth2-proxy.github.io/manifests
# https://github.com/postmanlabs/httpbin/issues/549 is still in progress, for now using a non-official chart # https://github.com/postmanlabs/httpbin/issues/549 is still in progress, for now using a non-official chart
- name: httpbin - name: httpbin
version: 1.0.1 version: 1.1.0
repository: https://conservis.github.io/helm-charts repository: https://conservis.github.io/helm-charts
- name: hello-world - name: hello-world
version: 1.0.1 version: 1.1.0
repository: https://conservis.github.io/helm-charts repository: https://conservis.github.io/helm-charts
version: *chartVersion

12
contrib/local-environment/kubernetes/Makefile
View File

@ -30,15 +30,13 @@ delete-cluster:
kind delete cluster --name oauth2-proxy kind delete cluster --name oauth2-proxy
.PHONY: deploy .PHONY: deploy
deploy: deploy: helm-deploy
kubectl apply -f oauth2-proxy-example-full.yaml
kubectl rollout status --timeout 5m deployment/oauth2-proxy-example-oauth2-proxy-sample kubectl rollout status --timeout 5m deployment/oauth2-proxy-example-oauth2-proxy-sample
kubectl rollout status --timeout 1m deployment/oauth2-proxy-example-httpbin kubectl rollout status --timeout 1m deployment/oauth2-proxy-example-httpbin
kubectl rollout status --timeout 1m deployment/oauth2-proxy-example-hello-world kubectl rollout status --timeout 1m deployment/oauth2-proxy-example-hello-world
.PHONY: undeploy .PHONY: undeploy
undeploy: undeploy: helm-undeploy
kubectl delete -f oauth2-proxy-example-full.yaml
###################### ######################
###### HELM CMDs ##### ###### HELM CMDs #####
@ -59,9 +57,3 @@ helm-deploy: helm-init
.PHONY: helm-undeploy .PHONY: helm-undeploy
helm-undeploy: helm-undeploy:
helm del oauth2-proxy-example helm del oauth2-proxy-example
# creates K8S manifest from helm chart
.PHONY: helm-create-manifest
helm-create-manifest: helm-init
echo "# WARNING: This file is auto-generated by 'make helm-create-manifest'! DO NOT EDIT MANUALLY!" > oauth2-proxy-example-full.yaml
helm template --namespace default oauth2-proxy-example . >> oauth2-proxy-example-full.yaml

6
contrib/local-environment/kubernetes/README.md
View File

@ -8,14 +8,12 @@ Before you start:
_Required_ _Required_
* install [kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) * install [kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation)
* install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) * install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
* install [helm](https://helm.sh/docs/intro/quickstart/#install-helm).
_Optional_
* install [helm 3](https://helm.sh/docs/intro/quickstart/#install-helm).
Then: Then:
* `make create-cluster` * `make create-cluster`
* `make deploy` OR `make helm-deploy` for helm * `make deploy`
Visit http://httpbin.localtest.me or http://hello-world.localtest.me/ Visit http://httpbin.localtest.me or http://hello-world.localtest.me/

8
contrib/local-environment/kubernetes/custom-dns.yaml
View File

@ -1,4 +1,8 @@
apiVersion: v1 apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data: data:
Corefile: | Corefile: |
.:53 { .:53 {
@ -24,7 +28,3 @@ data:
fallthrough fallthrough
} }
} }
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system

2
contrib/local-environment/kubernetes/kind-cluster.yaml
View File

@ -1,5 +1,5 @@
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4 apiVersion: kind.x-k8s.io/v1alpha4
kind: Cluster
nodes: nodes:
- role: control-plane - role: control-plane
kubeadmConfigPatches: kubeadmConfigPatches:

564
contrib/local-environment/kubernetes/oauth2-proxy-example-full.yaml
View File

@ -1,564 +0,0 @@
# WARNING: This file is auto-generated by 'make helm-create-manifest'! DO NOT EDIT MANUALLY!
---
# Source: kubernetes/charts/dex/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
name: oauth2-proxy-example-dex
---
# Source: kubernetes/charts/hello-world/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: oauth2-proxy-example-hello-world
labels:
helm.sh/chart: hello-world-1.0.1
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "1.0.0"
app.kubernetes.io/managed-by: Helm
---
# Source: kubernetes/charts/httpbin/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: oauth2-proxy-example-httpbin
labels:
helm.sh/chart: httpbin-1.0.1
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "latest"
app.kubernetes.io/managed-by: Helm
---
# Source: kubernetes/charts/oauth2-proxy/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: oauth2-proxy-sample
chart: oauth2-proxy-3.1.0
release: oauth2-proxy-example
heritage: Helm
name: oauth2-proxy-example-oauth2-proxy-sample
---
# Source: kubernetes/charts/dex/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
name: oauth2-proxy-example-dex
stringData:
config.yaml: |-
issuer: http://dex.localtest.me
storage:
config:
inCluster: true
type: kubernetes
logger:
level: debug
web:
http: 0.0.0.0:5556
oauth2:
alwaysShowLoginScreen: false
skipApprovalScreen: true
staticClients:
- id: oauth2-proxy
name: OAuth2 Proxy
redirectURIs:
- http://oauth2-proxy.localtest.me/oauth2/callback
secret: b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK
enablePasswordDB: true
staticPasswords:
- email: admin@example.com
hash: $2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W
userID: 08a8684b-db88-4b73-90a9-3cd1661f5466
username: admin
expiry:
idTokens: 1h
signingKeys: 4h
---
# Source: kubernetes/charts/oauth2-proxy/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: oauth2-proxy-sample
chart: oauth2-proxy-3.1.0
heritage: Helm
release: oauth2-proxy-example
name: oauth2-proxy-example-oauth2-proxy-sample
data:
oauth2_proxy.cfg: "cookie_secret=\"OQINaROshtE9TcZkNAm-5Zs2Pv3xaWytBmc5W7sPX7w=\"\ncookie_domain=\".localtest.me\"\nwhitelist_domains=[\".localtest.me\"]\n# only users with this domain will be let in\nemail_domains=[\"example.com\"]\n\nclient_id=\"oauth2-proxy\"\nclient_secret=\"b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK\"\ncookie_secure=\"false\"\n\nredirect_url=\"http://oauth2-proxy.localtest.me/oauth2/callback\"\n\n# we don't want to proxy anything so pick a non-existent directory\nupstreams = [ \"file:///dev/null\" ]\n\n# return authenticated user to nginx\nset_xauthrequest = true\n# using http://dex.localtest.me/.well-known/openid-configuration oauth2-proxy will populate\n# login_url, redeem_url, and oidc_jwks_url\nprovider=\"oidc\"\noidc_issuer_url=\"http://dex.localtest.me\""
---
# Source: kubernetes/charts/dex/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
name: oauth2-proxy-example-dex
rules:
- apiGroups: ["dex.coreos.com"] # API group created by dex
resources: ["*"]
verbs: ["*"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["create"] # To manage its own resources, dex must be able to create customresourcedefinitions
---
# Source: kubernetes/charts/dex/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
name: oauth2-proxy-example-dex
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: oauth2-proxy-example-dex
subjects:
- kind: ServiceAccount
name: oauth2-proxy-example-dex
namespace: default
---
# Source: kubernetes/charts/dex/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: oauth2-proxy-example-dex
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: http
targetPort: http
port: 32000
selector:
app.kubernetes.io/name: dex
app.kubernetes.io/instance: oauth2-proxy-example
---
# Source: kubernetes/charts/hello-world/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: oauth2-proxy-example-hello-world
labels:
helm.sh/chart: hello-world-1.0.1
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "1.0.0"
app.kubernetes.io/managed-by: Helm
spec:
type: ClusterIP
ports:
- port: 9080
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
---
# Source: kubernetes/charts/httpbin/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: oauth2-proxy-example-httpbin
labels:
helm.sh/chart: httpbin-1.0.1
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "latest"
app.kubernetes.io/managed-by: Helm
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
---
# Source: kubernetes/charts/oauth2-proxy/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: oauth2-proxy-sample
chart: oauth2-proxy-3.1.0
release: oauth2-proxy-example
heritage: Helm
name: oauth2-proxy-example-oauth2-proxy-sample
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app: oauth2-proxy-sample
release: oauth2-proxy-example
---
# Source: kubernetes/charts/dex/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: oauth2-proxy-example-dex
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: dex
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app.kubernetes.io/name: dex
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/component: dex
template:
metadata:
labels:
app.kubernetes.io/name: dex
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/component: dex
annotations:
checksum/config: 185f32cfabdf4f7467868dc301d4bd33e68951e12eddeb69f23ebc1d0f91ba28
spec:
serviceAccountName: oauth2-proxy-example-dex
nodeSelector:
{}
containers:
- name: main
image: "quay.io/dexidp/dex:v2.23.0"
imagePullPolicy: IfNotPresent
command:
- /usr/local/bin/dex
- serve
- /etc/dex/cfg/config.yaml
resources:
null
ports:
- name: http
containerPort: 5556
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: http
initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 1
readinessProbe:
httpGet:
path: /healthz
port: http
initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 1
env:
[]
volumeMounts:
- mountPath: /etc/dex/cfg
name: config
volumes:
- secret:
defaultMode: 420
items:
- key: config.yaml
path: config.yaml
secretName: oauth2-proxy-example-dex
name: config
---
# Source: kubernetes/charts/hello-world/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: oauth2-proxy-example-hello-world
labels:
helm.sh/chart: hello-world-1.0.1
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "1.0.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
template:
metadata:
labels:
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
spec:
serviceAccountName: oauth2-proxy-example-hello-world
securityContext:
{}
containers:
- name: hello-world
securityContext:
{}
image: "conservis/hello-world:1.0.0"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 9080
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{}
---
# Source: kubernetes/charts/httpbin/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: oauth2-proxy-example-httpbin
labels:
helm.sh/chart: httpbin-1.0.1
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "latest"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
template:
metadata:
labels:
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
spec:
serviceAccountName: oauth2-proxy-example-httpbin
securityContext:
{}
containers:
- name: httpbin
securityContext:
{}
image: "kennethreitz/httpbin:latest"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{}
---
# Source: kubernetes/charts/oauth2-proxy/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: oauth2-proxy-sample
chart: oauth2-proxy-3.1.0
heritage: Helm
release: oauth2-proxy-example
name: oauth2-proxy-example-oauth2-proxy-sample
spec:
replicas: 1
selector:
matchLabels:
app: oauth2-proxy-sample
release: oauth2-proxy-example
template:
metadata:
annotations:
checksum/config: 5d8892a7b1d9eb03f9d59b787ce339b374fa2be51991e4e7533cb0a541984fac
checksum/config-emails: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
checksum/secret: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
checksum/google-secret: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
labels:
app: oauth2-proxy-sample
release: "oauth2-proxy-example"
spec:
serviceAccountName: oauth2-proxy-example-oauth2-proxy-sample
containers:
- name: oauth2-proxy
image: "quay.io/pusher/oauth2_proxy:v5.1.0"
imagePullPolicy: IfNotPresent
args:
- --http-address=0.0.0.0:4180
- --config=/etc/oauth2_proxy/oauth2_proxy.cfg
ports:
- containerPort: 4180
name: http
protocol: TCP
livenessProbe:
httpGet:
path: /ping
port: http
scheme: HTTP
initialDelaySeconds: 0
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /ready
port: http
scheme: HTTP
initialDelaySeconds: 0
timeoutSeconds: 5
successThreshold: 1
periodSeconds: 10
resources:
{}
volumeMounts:
- mountPath: /etc/oauth2_proxy
name: configmain
volumes:
- configMap:
defaultMode: 420
name: oauth2-proxy-example-oauth2-proxy-sample
name: configmain
tolerations:
[]
---
# Source: kubernetes/charts/dex/templates/ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: oauth2-proxy-example-dex
labels:
app.kubernetes.io/name: dex
helm.sh/chart: dex-2.11.0
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "2.23.0"
app.kubernetes.io/managed-by: Helm
spec:
rules:
- host: "dex.localtest.me"
http:
paths:
- path: /
backend:
serviceName: oauth2-proxy-example-dex
servicePort: 32000
---
# Source: kubernetes/charts/hello-world/templates/ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: oauth2-proxy-example-hello-world
labels:
helm.sh/chart: hello-world-1.0.1
app.kubernetes.io/name: hello-world
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "1.0.0"
app.kubernetes.io/managed-by: Helm
annotations:
nginx.ingress.kubernetes.io/auth-response-headers: X-Auth-Request-User,X-Auth-Request-Email
nginx.ingress.kubernetes.io/auth-signin: http://oauth2-proxy.localtest.me/oauth2/start
nginx.ingress.kubernetes.io/auth-url: http://oauth2-proxy-example-oauth2-proxy-sample.default.svc.cluster.local/oauth2/auth
spec:
rules:
- host: hello-world.localtest.me
http:
paths:
- path: /
backend:
serviceName: oauth2-proxy-example-hello-world
servicePort: 9080
---
# Source: kubernetes/charts/httpbin/templates/ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: oauth2-proxy-example-httpbin
labels:
helm.sh/chart: httpbin-1.0.1
app.kubernetes.io/name: httpbin
app.kubernetes.io/instance: oauth2-proxy-example
app.kubernetes.io/version: "latest"
app.kubernetes.io/managed-by: Helm
annotations:
nginx.ingress.kubernetes.io/auth-response-headers: X-Auth-Request-User,X-Auth-Request-Email
nginx.ingress.kubernetes.io/auth-signin: http://oauth2-proxy.localtest.me/oauth2/start
nginx.ingress.kubernetes.io/auth-url: http://oauth2-proxy-example-oauth2-proxy-sample.default.svc.cluster.local/oauth2/auth
spec:
rules:
- host: httpbin.localtest.me
http:
paths:
- path: /
backend:
serviceName: oauth2-proxy-example-httpbin
servicePort: 80
---
# Source: kubernetes/charts/oauth2-proxy/templates/ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
labels:
app: oauth2-proxy-sample
chart: oauth2-proxy-3.1.0
heritage: Helm
release: oauth2-proxy-example
name: oauth2-proxy-example-oauth2-proxy-sample
annotations:
nginx.ingress.kubernetes.io/server-snippet: |
large_client_header_buffers 4 32k;
spec:
rules:
- host: oauth2-proxy.localtest.me
http:
paths:
- path: /
backend:
serviceName: oauth2-proxy-example-oauth2-proxy-sample
servicePort: 80