Commit f438bbd1 authored by Geoff Simmons's avatar Geoff Simmons

viking-test-app chart supports BAsic/Proxy Authentication.

parent ef6a7016
......@@ -41,3 +41,12 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the k8s name of a Secret for authentication (Basic or Proxy)
*/}}
{{- define "viking-ingress.authSecretName" -}}
{{- $n := printf "%s-%s-creds" ( include "viking-ingress.fullname" .dot ) .auth.realm | trunc 63 | lower -}}
{{- $name := mustRegexReplaceAll "[^[:alnum:].-]" $n "-" -}}
{{- trimSuffix "-" $name -}}
{{- end }}
{{- range $auth := .Values.auth }}
{{- if not $auth.creds -}}
{{- fail "auth element must have a non-empty creds field" -}}
{{- end }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "viking-ingress.authSecretName" ( dict "dot" $ "auth" $auth ) }}
labels:
app.kubernetes.io/name: {{ include "viking-ingress.authSecretName" ( dict "dot" $ "auth" $auth ) }}
app.kubernetes.io/component: authSecret
viking.uplex.de/secret: auth
{{- include "viking-ingress.labels" $ | nindent 4 }}
data:
{{- range $name, $secret := $auth.creds }}
{{ $name }}: {{ $secret | b64enc }}
{{- end }}
---
{{- end }}
{{ if coalesce .Values.acls .Values.vcl (hasKey .Values "selfSharding") -}}
{{ if coalesce .Values.acls .Values.vcl (hasKey .Values "selfSharding") .Values.auth -}}
{{ if empty .Values.vikingAdmSvc -}}
{{ fail "Viking admin Service must be specified" -}}
{{ end -}}
......@@ -26,4 +26,18 @@ spec:
self-sharding:
{{ toYaml .Values.selfSharding | nindent 4 }}
{{- end }}
{{- if .Values.auth }}
auth:
{{- range $auth := .Values.auth }}
{{- if not $auth.realm -}}
{{- fail "auth element must have a realm field" -}}
{{- end }}
- secretName: {{ include "viking-ingress.authSecretName" ( dict "dot" $ "auth" $auth ) }}
{{- range $k, $v := $auth -}}
{{- if ne $k "creds" -}}
{{ toYaml (dict $k $v) | nindent 6 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
......@@ -47,3 +47,7 @@ vcl: ""
## Configuration for a sharded cache, specify the empty object for default
## config.
# selfSharding: {}
# Authentication (Basic or Proxy) for VarnishConfig.
# Include a field "creds" with a name-value map for credentials.
auth: []
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment