feat(authentik-application): support own scopes for oidc

authentik-application/Chart.yaml

@@ -2,5 +2,5 @@ apiVersion: v2
 name: authentik-application
 type: application
 
-version: 0.3.5
+version: 0.4.0
 description: "A Chart to deploy a secret for the authentik blueprint-sidecar."

authentik-application/README.adoc

@@ -2,7 +2,7 @@
 
 = authentik-application
 
-image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5]
+image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0]
 image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
 
 ## Pre-Requirement

authentik-application/files/groups.yaml.gotmpl

@@ -41,6 +41,7 @@
   identifiers:
     pk: {{ $group.bindID | quote }}
   attrs:
+    pk: {{ $group.bindID | quote }}
     group: !KeyOf {{ $group.slug | quote}}
     order: 10
     target: !Find [authentik_core.Application, [slug, {{ $.Values.blueprint.application.slug }}]]

authentik-application/files/provider/oidc.yaml.gotmpl

@@ -1,6 +1,20 @@
 {{- $clientID := get . "clientID" }}
 {{- $clientSecret := get . "clientSecret" }}
 {{- with get . "root" }}
+
+{{- range .Values.blueprint.provider.oidc.scopes }}
+{{- if .expression }}
+- model: authentik_providers_oauth2.ScopeMapping
+  identifiers:
+    name: {{ .name | quote }}
+  state: present
+  attrs:
+    name: {{ .name | quote }}
+    scope_name: {{ .scope_name }}
+    expression: {{ .expression | quote }}
+{{- end }}
+{{- end }}
+
 - model: authentik_providers_oauth2.OAuth2Provider
   id: {{ .Values.blueprint.provider.name | default (include "authentik-application.fullname" .) }}
   identifiers:
@@ -22,7 +36,7 @@
     {{- with .scopes }}
     property_mappings:
       {{- range . }}
-      - !Find [authentik_providers_oauth2.ScopeMapping, [scope_name, {{ . }}]]
+      - !Find [authentik_providers_oauth2.ScopeMapping, [name, {{ .name | quote }}]]
       {{- end }}
     {{- end }}
     {{- end }}

authentik-application/values.yaml

@@ -29,6 +29,9 @@ blueprint:
       signingKey: ""
       # -- Scope
       scopes:
+        # - name:
+        #   scope_name:
+        #   expression:
     saml:
     proxy:
       externalHost:

forgejo-runner/README.adoc

@@ -2,7 +2,7 @@
 
 = forgejo-runner
 
-image::https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square[Version: 0.1.2]
+image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4]
 image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
 image::https://img.shields.io/badge/AppVersion-3.2.0-informational?style=flat-square[AppVersion: 3.2.0]
 
@@ -129,7 +129,7 @@ helm uninstall forgejo-runner-release
 
 | kubectl.image.tag
 | string
-| `"1.27.7"`
+| `"1.28.5"`
 |
 
 | nameOverride

publish.sh

@@ -13,11 +13,11 @@ for p in * ; do
   if \
     [ $p == "alertmanager-matrix" ] || \
     [ $p == "alertmanager-ntfy" ] || \
-    [ $p == "authentik-application" ] || \
     [ $p == "conduit" ] || \
     [ $p == "grampsweb" ] || \
     [ $p == "headscale" ] || \
     [ $p == "headscale-ui" ] || \
+    [ $p == "forgejo-runner" ] || \
     [ $p == "jellyfin" ] || \
     [ $p == "miniserve" ] || \
     [ $p == "monitoring" ] || \