karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6159 from tw-mnewman/6144 

Allow configuring karmada-apiserver OIDC via Helm
This commit is contained in:
karmada-bot 2025-02-28 20:32:22 +08:00 committed by GitHub
parent ecc12b4ce8 98aa22ce29
commit 3b6c0e0fa2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
charts/karmada/templates/karmada-apiserver.yaml
View File

@ -73,6 +73,35 @@ spec:
- --max-requests-inflight={{ .Values.apiServer.maxRequestsInflight }} - --max-requests-inflight={{ .Values.apiServer.maxRequestsInflight }}
- --max-mutating-requests-inflight={{ .Values.apiServer.maxMutatingRequestsInflight }} - --max-mutating-requests-inflight={{ .Values.apiServer.maxMutatingRequestsInflight }}
- --tls-min-version=VersionTLS13 - --tls-min-version=VersionTLS13
{{- with .Values.apiServer.oidc }}
{{- if .caFile }}
- --oidc-ca-file={{ .caFile }}
{{- end }}
{{- if .clientId }}
- --oidc-client-id={{ .clientId }}
{{- end }}
{{- if .groupsClaim }}
- --oidc-groups-claim={{ .groupsClaim }}
{{- end }}
{{- if .groupsPrefix }}
- --oidc-groups-prefix={{ .groupsPrefix }}
{{- end }}
{{- if .issuerUrl }}
- --oidc-issuer-url={{ .issuerUrl }}
{{- end }}
{{- if .requiredClaim }}
- --oidc-required-claim={{ .requiredClaim }}
{{- end }}
{{- if .signingAlgs }}
- --oidc-signing-algs={{ .signingAlgs }}
{{- end }}
{{- if .usernameClaim }}
- --oidc-username-claim={{ .usernameClaim }}
{{- end }}
{{- if .usernamePrefix }}
- --oidc-username-prefix={{ .usernamePrefix }}
{{- end }}
{{- end }}
ports: ports:
- name: http - name: http
containerPort: 5443 containerPort: 5443

11
charts/karmada/values.yaml
View File

@ -443,6 +443,17 @@ apiServer:
podDisruptionBudget: *podDisruptionBudget podDisruptionBudget: *podDisruptionBudget
## @param apiServer.priorityClassName the priority class name for the karmada-apiserver ## @param apiServer.priorityClassName the priority class name for the karmada-apiserver
priorityClassName: "system-node-critical" priorityClassName: "system-node-critical"
oidc:
caFile: ""
clientId: ""
groupsClaim: ""
groupsPrefix: ""
issuerUrl: ""
# @param apiServer.oidc.requiredClaim comma separated 'key=value' pairs that describe required claims in the ID token
requiredClaim: ""
signingAlgs: ""
usernameClaim: ""
usernamePrefix: ""
## karmada aggregated apiserver config ## karmada aggregated apiserver config
aggregatedApiServer: aggregatedApiServer: