From 182a7f9c7ba9dbc8674f814126a25e54656bedaa Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 29 Dec 2023 16:39:05 +0100 Subject: [PATCH] feat(authentik-application): support own scopes for oidc --- authentik-application/Chart.yaml | 2 +- authentik-application/README.adoc | 2 +- authentik-application/files/groups.yaml.gotmpl | 1 + .../files/provider/oidc.yaml.gotmpl | 16 +++++++++++++++- authentik-application/values.yaml | 3 +++ forgejo-runner/README.adoc | 4 ++-- publish.sh | 2 +- 7 files changed, 24 insertions(+), 6 deletions(-) diff --git a/authentik-application/Chart.yaml b/authentik-application/Chart.yaml index c90e1c7..0314fb2 100644 --- a/authentik-application/Chart.yaml +++ b/authentik-application/Chart.yaml @@ -2,5 +2,5 @@ apiVersion: v2 name: authentik-application type: application -version: 0.3.5 +version: 0.4.0 description: "A Chart to deploy a secret for the authentik blueprint-sidecar." diff --git a/authentik-application/README.adoc b/authentik-application/README.adoc index 6b0d8b6..383fe7f 100644 --- a/authentik-application/README.adoc +++ b/authentik-application/README.adoc @@ -2,7 +2,7 @@ = authentik-application -image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] +image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] ## Pre-Requirement diff --git a/authentik-application/files/groups.yaml.gotmpl b/authentik-application/files/groups.yaml.gotmpl index 03dc704..0fb4194 100644 --- a/authentik-application/files/groups.yaml.gotmpl +++ b/authentik-application/files/groups.yaml.gotmpl @@ -41,6 +41,7 @@ identifiers: pk: {{ $group.bindID | quote }} attrs: + pk: {{ $group.bindID | quote }} group: !KeyOf {{ $group.slug | quote}} order: 10 target: !Find [authentik_core.Application, [slug, {{ $.Values.blueprint.application.slug }}]] 
diff --git a/authentik-application/files/provider/oidc.yaml.gotmpl b/authentik-application/files/provider/oidc.yaml.gotmpl index c90f18f..6468f57 100644 --- a/authentik-application/files/provider/oidc.yaml.gotmpl +++ b/authentik-application/files/provider/oidc.yaml.gotmpl @@ -1,6 +1,20 @@ {{- $clientID := get . "clientID" }} {{- $clientSecret := get . "clientSecret" }} {{- with get . "root" }} + +{{- range .Values.blueprint.provider.oidc.scopes }} +{{- if .expression }} +- model: authentik_providers_oauth2.ScopeMapping + identifiers: + name: {{ .name | quote }} + state: present + attrs: + name: {{ .name | quote }} + scope_name: {{ .scope_name }} + expression: {{ .expression | quote }} +{{- end }} +{{- end }} + - model: authentik_providers_oauth2.OAuth2Provider id: {{ .Values.blueprint.provider.name | default (include "authentik-application.fullname" .) }} identifiers: @@ -22,7 +36,7 @@ {{- with .scopes }} property_mappings: {{- range . }} - - !Find [authentik_providers_oauth2.ScopeMapping, [scope_name, {{ . }}]] + - !Find [authentik_providers_oauth2.ScopeMapping, [name, {{ .name | quote }}]] {{- end }} {{- end }} {{- end }} diff --git a/authentik-application/values.yaml b/authentik-application/values.yaml index b632d61..a4b6fa6 100644 --- a/authentik-application/values.yaml +++ b/authentik-application/values.yaml @@ -29,6 +29,9 @@ blueprint: signingKey: "" # -- Scope scopes: + # - name: + # scope_name: + # expression: saml: proxy: externalHost: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index e7136db..0f3a58f 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc 
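Review bot: `scope_name: {{ .scope_name }}` in the new ScopeMapping entry is rendered unquoted, while `name` and `expression` next to it go through `quote`. A value containing `: `, `#`, a leading `!` or a bare `true` would change the structure or type of the generated blueprint, so it should be `scope_name: {{ .scope_name | quote }}`. Separately, the entry is identified by `name` with `state: present`, which in authentik blueprints is create-or-update as far as I know. If so, a custom scope whose `name` matches an existing mapping would replace that mapping's expression for every provider that uses it. Either `state: created` or a chart-specific name prefix would avoid that; please confirm which behaviour is intended.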
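Review bot: The `!Find` line now reads `.name` from each entry, so existing values that list scopes as plain strings (the format the removed `[scope_name, {{ . }}]` lookup consumed) will fail at render time with a template field error rather than a clear message. The new `range` at the top of the file has the same problem on `.expression`. A guard at the start of the loop would make the break explicit: `{{- if not (kindIs "map" .) }}{{ fail "blueprint.provider.oidc.scopes entries must be maps with a name key" }}{{- end }}`. Entries without `expression` must also carry the exact `name` of an already existing ScopeMapping; what happens to the provider's `property_mappings` when `!Find` matches nothing is not visible here and is worth checking. The enclosing `with .scopes` block starts outside this hunk.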
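Review bot: The commented example under `scopes:` does not say which keys are required or what `expression` is. From the template, `name` is always used, while `scope_name` and `expression` only apply when `expression` is set; otherwise the entry just references an existing mapping by `name`. I would put that in the comments, e.g. `# - name: ""        # mapping name; must match an existing ScopeMapping when expression is omitted`, `#   scope_name: ""  # OAuth scope to expose, only used together with expression` and `#   expression: ""  # Python source evaluated by authentik; review changes like code`. The last point matters for access control: anyone who can edit these values can have authentik evaluate their expression when tokens are issued.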
@@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square[Version: 0.1.2] +image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.2.0-informational?style=flat-square[AppVersion: 3.2.0] @@ -129,7 +129,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.27.7"` +| `"1.28.5"` | | nameOverride diff --git a/publish.sh b/publish.sh index 037aacd..38fcc5d 100755 --- a/publish.sh +++ b/publish.sh @@ -13,11 +13,11 @@ for p in * ; do if \ [ $p == "alertmanager-matrix" ] || \ [ $p == "alertmanager-ntfy" ] || \ - [ $p == "authentik-application" ] || \ [ $p == "conduit" ] || \ [ $p == "grampsweb" ] || \ [ $p == "headscale" ] || \ [ $p == "headscale-ui" ] || \ + [ $p == "forgejo-runner" ] || \ [ $p == "jellyfin" ] || \ [ $p == "miniserve" ] || \ [ $p == "monitoring" ] || \
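Review bot: The added test `[ $p == "forgejo-runner" ]` leaves `$p` unquoted, like the lines around it, although `p` comes from `for p in *`. A directory entry with whitespace or glob characters in its name makes `[` fail with a syntax error instead of comparing, and the `||` chain then moves on to the next test. Prefer `[ "$p" = "forgejo-runner" ] || \`, or replace the whole chain with a `case "$p" in ... esac`. The entry also sits after `headscale-ui` rather than in alphabetical position before `grampsweb`. The body of the `if` is outside the hunk, so I cannot tell whether this list skips or selects charts for publishing. Either way, removing `authentik-application` and adding `forgejo-runner` changes what gets published and deserves a line in the commit message.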