fix: keycloak idp.clientID value now generated

redkubes · Aug 27, 2021 · cd71691 · cd71691
1 parent fa4fda9
commit cd71691
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 4 deletions.
diff --git a/src/cmd/bootstrap.ts b/src/cmd/bootstrap.ts
@@ -185,9 +185,9 @@ export const bootstrapValues = async (): Promise<void> => {
   if (isChart()) {
     const vals = await hfValues()
 
-    await nothrow($`kubectl create secret generic otomi-passwords --from-literal='admin'='${vals.otomi.adminPassword}'`)
+    await nothrow($`kubectl create secret generic otomi-password --from-literal='admin'='${vals.otomi.adminPassword}'`)
     debug.log(
-      'A kubernetes secret has been created under the `otomi` namespace called `otomi-password` which contains all the generated passwords.',
+      'A kubernetes secret has been created in the `default` namespace called `otomi-password` which contains the `otomi.adminPassword`. You should know what to do with it ;)',
     )
     await mapValuesObjectIntoFiles(values)
   }

diff --git a/values-schema.yaml b/values-schema.yaml
@@ -1499,6 +1499,7 @@ properties:
                 type: string
               clientID:
                 type: string
+                x-secret: '"otomi"'
               clientSecret:
                 type: string
                 x-secret: 'randAlpha 20'

diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl
@@ -73,7 +73,7 @@ gitea:
       prometheusSelector: system
   oauth:
     enabled: true
-    name: {{ $hasKeycloak | ternary $k.idp.alias "otomi" }}
+    name: {{ $hasKeycloak | ternary ($k | get "idp.alias" "otomi") "otomi" }}
     provider: openidConnect
     key: {{ $hasKeycloak | ternary $k.idp.clientID $o.clientID }}
     secret: {{ $hasKeycloak | ternary $k.idp.clientSecret $o.clientSecret }}

diff --git a/values/jobs/keycloak.gotmpl b/values/jobs/keycloak.gotmpl
@@ -42,7 +42,7 @@ nativeSecrets:
   KEYCLOAK_ADDRESS: https://keycloak.{{ $v.cluster.domainSuffix }}
   KEYCLOAK_ADMIN: {{ $k | get "admin.username" "admin" }}
   KEYCLOAK_ADMIN_PASSWORD: {{ $k | get "adminPassword" $v.otomi.adminPassword }}
-  KEYCLOAK_CLIENT_ID: {{ $k | get "idp.clientID" "otomi" }}
+  KEYCLOAK_CLIENT_ID: {{ $k.idp.clientID }}
   KEYCLOAK_CLIENT_SECRET: {{ $k.idp.clientSecret }}
   IDP_ALIAS: {{ $k | get "idp.alias" "otomi-idp" }}
   IDP_USERNAME_CLAIM_MAPPER: {{ $v | get "oidc.usernameClaimMapper" "${CLAIM.upn}" }}