Add oidc issuerURL and clientID to kluster spec (#880)

sapcc · Feb 22, 2024 · 1f09842 · 1f09842
1 parent be93bd5
commit 1f09842
Show file tree

Hide file tree

Showing 5 changed files with 155 additions and 4 deletions.
diff --git a/pkg/api/models/kluster_spec.go b/pkg/api/models/kluster_spec.go
diff --git a/pkg/api/models/o_id_c.go b/pkg/api/models/o_id_c.go
diff --git a/pkg/api/spec/embedded_spec.go b/pkg/api/spec/embedded_spec.go
diff --git a/pkg/util/helm/helm.go b/pkg/util/helm/helm.go
@@ -61,10 +61,11 @@ type etcdBackupValues struct {
 }
 
 type apiValues struct {
-	ApiserverHost      string `yaml:"apiserverHost,omitempty" json:"apiserverHost,omitempty"`
-	WormholeHost       string `yaml:"wormholeHost,omitempty" json:"wormholeHost,omitempty"`
-	CORSAllowedOrigins string `yaml:"corsAllowedOrigins,omitempty" json:"corsAllowedOrigins,omitempty"`
-	SNICertSecret      string `yaml:"sniCertSecret,omitempty" json:"sniCertSecret,omitempty"`
+	ApiserverHost      string     `yaml:"apiserverHost,omitempty" json:"apiserverHost,omitempty"`
+	WormholeHost       string     `yaml:"wormholeHost,omitempty" json:"wormholeHost,omitempty"`
+	CORSAllowedOrigins string     `yaml:"corsAllowedOrigins,omitempty" json:"corsAllowedOrigins,omitempty"`
+	SNICertSecret      string     `yaml:"sniCertSecret,omitempty" json:"sniCertSecret,omitempty"`
+	OIDC               oidcValues `yaml:"oidc,omitempty" json:"oidc,omitempty"`
 }
 
 type versionValues struct {
@@ -83,6 +84,11 @@ type dexValues struct {
 	Connectors         dexConnectors  `yaml:"connectors,omitempty" json:"connectors,omitempty"`
 }
 
+type oidcValues struct {
+	IssuerURL string `yaml:"issuerURL,omitempty" json:"issuerURL,omitempty"`
+	ClientID  string `yaml:"clientID,omitempty" json:"clientID,omitempty"`
+}
+
 type dexConnectors struct {
 	Keystone dexKeystoneConnector `yaml:"keystone" json:"keystone"`
 	LDAP     dexLDAPConnector     `yaml:"ldap" json:"ldap"`
@@ -230,6 +236,12 @@ func KlusterToHelmValues(kluster *v1.Kluster, secret *v1.Secret, kubernetesVersi
 			UseOctavia:          true,
 		}
 	}
+	if kluster.Spec.Oidc != nil {
+		values.Api.OIDC = oidcValues{
+			IssuerURL: kluster.Spec.Oidc.IssuerURL,
+			ClientID:  kluster.Spec.Oidc.ClientID,
+		}
+	}
 
 	result, err := yaml.Marshal(values)
 	if err != nil {

diff --git a/swagger.yml b/swagger.yml
@@ -557,6 +557,16 @@ definitions:
         default: false
       seedKubeadm:
         type: boolean
+      oidc:
+        $ref: '#/definitions/OIDC'
+  OIDC:
+    type: object
+    x-nullable: true
+    properties:
+      issuerURL:
+        type: string
+      clientID:
+        type: string
   OpenstackSpec:
     type: object
     x-nullable: false