helm-charts/authentik-application/templates/secrets.yaml

{{- $clientID := include "authentik-application.staticValue" (dict "root" $ "name" "clientID" "default" (randAlphaNum 32) "overwrite" .Values.blueprint.provider.oidc.clientID) }}
{{- $clientSecret := include "authentik-application.staticValue" (dict "root" $ "name" "clientSecret" "default" (randAlphaNum 32) "overwrite" .Values.blueprint.provider.oidc.clientSecret) }}
{{- $bindPolicyID := include "authentik-application.staticValue" (dict "root" $ "name" "bindPolicyID" "default" (uuidv4) "overwrite" .Values.blueprint.application.bindPolicyID) }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "authentik-application.fullname" . }}
  labels:
    {{- include "authentik-application.labels" . | nindent 4 }}
    {{- with .Values.secret.labels }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
stringData:
  bindPolicyID: {{ $bindPolicyID | quote }}

  {{- if .Values.blueprint.provider.enabled }}
  issuerURL: {{ print .Values.blueprint.authentik.domain "/application/o/" .Values.blueprint.application.slug "/" }}

  {{- with .Values.blueprint.provider.oidc }}
  clientID: {{ $clientID | quote }}
  clientSecret: {{ $clientSecret | quote }}

  redirectURL: {{ .redirectURL }}

  {{- with .tokenDuration }}
  tokenDuration: {{ . | quote }}
  {{- end }} 

  {{- with .scopes }}
  customScopes: {{ . | join "," | quote }}
  {{- end }} 

  {{- with .claimUsername }}
  claimUsername: {{ . | quote }}
  {{- end }} 

  {{- with .claimGroups }}
  claimGroups: {{ . | quote }}
  {{- end }}
  {{- end }}{{/* end with oidc */}}
  {{- end }}{{/* end if provider */}}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "authentik-application.fullname" . }}-blueprint
  labels:
    {{- include "authentik-application.labels" . | nindent 4 }}
    {{- with .Values.blueprint.labels }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
stringData:
  blueprint.yaml: |-
    version: 1
    metadata:
      name: {{ include "authentik-application.fullname" . }}
    entries:
      {{- $tplValues := (dict "root" $ "Template" .Template "bindPolicyID" $bindPolicyID "clientID" $clientID "clientSecret" $clientSecret) }}
      {{- if .Values.blueprint.provider.enabled }}
      {{- tpl (.Files.Get (printf "files/provider/%s.yaml.gotmpl" .Values.blueprint.provider.type)) $tplValues | nindent 6 }}
      {{- end }}

      {{- tpl (.Files.Get "files/application.yaml.gotmpl") $tplValues | nindent 6 }}
      {{- tpl (.Files.Get "files/groups.yaml.gotmpl") $tplValues | nindent 6 }}
chore(authentik-application): refactory for easiert templating of blueprint 2023-11-05 18:33:34 +01:00			`{{- $clientID := include "authentik-application.staticValue" (dict "root" $ "name" "clientID" "default" (randAlphaNum 32) "overwrite" .Values.blueprint.provider.oidc.clientID) }}`
			`{{- $clientSecret := include "authentik-application.staticValue" (dict "root" $ "name" "clientSecret" "default" (randAlphaNum 32) "overwrite" .Values.blueprint.provider.oidc.clientSecret) }}`
			`{{- $bindPolicyID := include "authentik-application.staticValue" (dict "root" $ "name" "bindPolicyID" "default" (uuidv4) "overwrite" .Values.blueprint.application.bindPolicyID) }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`---`
			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
chore(authentik-application): refactory for easiert templating of blueprint 2023-11-05 18:33:34 +01:00			`name: {{ include "authentik-application.fullname" . }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`labels:`
			`{{- include "authentik-application.labels" . \| nindent 4 }}`
			`{{- with .Values.secret.labels }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- end }}`
			`stringData:`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00			`bindPolicyID: {{ $bindPolicyID \| quote }}`

			`{{- if .Values.blueprint.provider.enabled }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`issuerURL: {{ print .Values.blueprint.authentik.domain "/application/o/" .Values.blueprint.application.slug "/" }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
fix(authentik-application): support provider for proxy 2023-09-06 22:02:27 +02:00			`{{- with .Values.blueprint.provider.oidc }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`clientID: {{ $clientID \| quote }}`
			`clientSecret: {{ $clientSecret \| quote }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
fix(authentik-application): support provider for proxy 2023-09-06 22:02:27 +02:00			`redirectURL: {{ .redirectURL }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
fix(authentik-application): support provider for proxy 2023-09-06 22:02:27 +02:00			`{{- with .tokenDuration }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`tokenDuration: {{ . \| quote }}`
			`{{- end }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
fix(authentik-application): support provider for proxy 2023-09-06 22:02:27 +02:00			`{{- with .scopes }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`customScopes: {{ . \| join "," \| quote }}`
			`{{- end }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
fix(authentik-application): support provider for proxy 2023-09-06 22:02:27 +02:00			`{{- with .claimUsername }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`claimUsername: {{ . \| quote }}`
			`{{- end }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
fix(authentik-application): support provider for proxy 2023-09-06 22:02:27 +02:00			`{{- with .claimGroups }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`claimGroups: {{ . \| quote }}`
			`{{- end }}`
chore(authentik-application): refactory for easiert templating of blueprint 2023-11-05 18:33:34 +01:00			`{{- end }}{{/* end with oidc */}}`
			`{{- end }}{{/* end if provider */}}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`---`
			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: {{ include "authentik-application.fullname" . }}-blueprint`
			`labels:`
			`{{- include "authentik-application.labels" . \| nindent 4 }}`
			`{{- with .Values.blueprint.labels }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- end }}`
			`stringData:`
			`blueprint.yaml: \|-`
			`version: 1`
			`metadata:`
			`name: {{ include "authentik-application.fullname" . }}`
			`entries:`
chore(authentik-application): refactory for easiert templating of blueprint 2023-11-05 18:33:34 +01:00			`{{- $tplValues := (dict "root" $ "Template" .Template "bindPolicyID" $bindPolicyID "clientID" $clientID "clientSecret" $clientSecret) }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00			`{{- if .Values.blueprint.provider.enabled }}`
chore(authentik-application): refactory for easiert templating of blueprint 2023-11-05 18:33:34 +01:00			`{{- tpl (.Files.Get (printf "files/provider/%s.yaml.gotmpl" .Values.blueprint.provider.type)) $tplValues \| nindent 6 }}`
fix(authentik-application): init 2023-09-03 14:58:07 +02:00			`{{- end }}`
fix(authentik-application): support provider optional, group policy bidng (+ icon) 2023-09-06 00:40:34 +02:00
chore(authentik-application): refactory for easiert templating of blueprint 2023-11-05 18:33:34 +01:00			`{{- tpl (.Files.Get "files/application.yaml.gotmpl") $tplValues \| nindent 6 }}`
			`{{- tpl (.Files.Get "files/groups.yaml.gotmpl") $tplValues \| nindent 6 }}`