feat(security-apps): Add dex-k8s-authenticator

charts/security-apps/Chart.yaml

@@ -3,8 +3,8 @@ name: security-apps
 description: Argo CD app-of-apps config for security applications
 type: application
 # version and appVersion are in sync in this chart!
-version: 0.35.0
-appVersion: 0.35.0
+version: 0.36.0
+appVersion: 0.36.0
 home: https://github.com/adfinis-sygroup/helm-charts/tree/master/charts/security-apps
 sources:
   - https://github.com/adfinis-sygroup/helm-charts

charts/security-apps/examples/dex-k8s-authenticator.yaml

@@ -0,0 +1,34 @@
+dexK8sAuthenticator:
+  enabled: true
+  project: infra-dex-k8s-authenticator
+  values:
+    global:
+      deployEnv: dev
+    dexK8sAuthenticator:
+      debug: false
+      web_path_prefix: /
+      #logoUrl: http://<path-to-your-logo.png>
+      #tlsCert: /path/to/dex-client.crt
+      #tlsKey: /path/to/dex-client.key
+      clusters:
+      - name: my-cluster
+        short_description: "My Cluster"
+        description: "Example Cluster Long Description..."
+        client_secret: "client_Secret"
+        issuer: https://dex.example.com
+        k8s_master_uri: https://my-cluster.example.com
+        client_id: my-cluster
+        redirect_uri: https://login.example.com/callback/my-cluster
+        k8s_ca_uri: https://url-to-your-ca.crt
+    ingress:
+      enabled: true
+      annotations: {}
+        cert-manager.io/cluster-issuer: letsencrypt-staging
+        kubernetes.io/ingress.class: nginx
+        kubernetes.io/tls-acme: "true"
+      hosts: ["my.example.com"]
+      # ingress.tls -- Ingress TLS options
+      tls:
+        - secretName: customer-center-tls
+          hosts:
+            - my.example.com

charts/security-apps/templates/dex-k8s-authenticator.yaml

@@ -0,0 +1,33 @@
+{{ if .Values.dexK8sAuthenticator.enabled }}
+{{ template "argoconfig.application" (list . "security-apps.dexK8sAuthenticator") }}
+{{ end }}
+
+{{- define "security-apps.dexK8sAuthenticator" -}}{{- $app := unset .Values.dexK8sAuthenticator "enabled" -}}{{- $name := default $app.destination.namespace $app.name -}}
+metadata:
+  name: {{ template "common.fullname" . }}-{{ $name }}
+spec:
+  {{- if $app.project }}
+  project: {{ $app.project | quote }}
+  {{- end }}
+  source:
+    repoURL: {{ $app.repoURL | quote }}
+    path: {{ $app.repoPath | quote }}
+    targetRevision: {{ $app.targetRevision | quote }}
+    helm:
+      releaseName: {{ $name | quote }}
+      values: |-
+        nameOverride: {{ $name | quote }}
+        {{- $app.values | toYaml | nindent 8 }}
+  {{- if $app.destination }}
+  destination:
+    {{ $app.destination | toYaml | nindent 4 }}
+  {{- end }}
+  {{- if $app.syncPolicy }}
+  syncPolicy:
+    {{ $app.syncPolicy | toYaml | nindent 4 }}
+  {{- end }}
+  {{- if $app.ignoreDifferences }}
+  ignoreDifferences:
+    {{ $app.ignoreDifferences | toYaml | nindent 4 }}
+  {{- end }}
+{{- end -}}

charts/security-apps/values.yaml

@@ -18,8 +18,30 @@ dex:
   # @default -- [upstream values](https://github.com/dexidp/helm-charts/tree/master/charts/dex/values.yaml)
   values: {}
 
-# gangway -- [gangway](https://github.com/heptiolabs/gangway/) ([example](./examples/gangway.yaml))
+# dexK8sAuthenticator -- [dex-k8s-authenticator](https://github.com/mintel/dex-k8s-authenticator) ([example](./examples/dex-k8s-authenticator.yaml))
 # @default -- -
+dexK8sAuthenticator:
+  # dexK8sAuthenticator.enabled -- Enable dex-k8s-authenticator
+  enabled: false
+  name: dex-k8s-authenticator
+  destination:
+    # dexK8sAuthenticator.destination.namespace -- Namespace
+    namespace: "infra-dex-k8s-authenticator"
+  # dexK8sAuthenticator.repoURL -- Repo URL
+  # @default -- [repo](https://github.com/mintel/dex-k8s-authenticator.git)
+  repoURL: "https://github.com/mintel/dex-k8s-authenticator.git"
+  # dexK8sAuthenticator.repoPath -- Repo Path
+  repoPath: "charts/dex-k8s-authenticator"
+  # dexK8sAuthenticator.chart -- Chart
+  chart: "dexK8sAuthenticator"
+  # dexK8sAuthenticator.targetRevision -- [dex-k8s-authenticator Helm chart](https://github.com/mintel/dex-k8s-authenticator/tree/master/charts/dex-k8s-authenticator/) version
+  targetRevision: "v1.4.0"
+  # dexK8sAuthenticator.values -- Helm values
+  # @default -- [upstream values](https://github.com/mintel/dex-k8s-authenticator/tree/master/charts/dex-k8s-authenticator/values.yaml)
+  values: {}
+
+# gangway -- [gangway](https://github.com/heptiolabs/gangway/) is DEPRECATED, use dexK8sAuthenticator instead
+# @default -- DEPRECATED
 gangway:
   # gangway.enabled -- Enable gangway
   enabled: false