feat(authentik-application): support own scopes for oidc

2023-12-29 16:39:05 +01:00 · 2023-12-29 16:39:05 +01:00 · 182a7f9c7b
commit 182a7f9c7b
parent f75fede2e6
7 changed files with 24 additions and 6 deletions
--- a/authentik-application/Chart.yaml
+++ b/authentik-application/Chart.yaml
@ -2,5 +2,5 @@ apiVersion: v2
 name: authentik-application
 type: application
-version: 0.3.5
+version: 0.4.0
 description: "A Chart to deploy a secret for the authentik blueprint-sidecar."
--- a/authentik-application/README.adoc
+++ b/authentik-application/README.adoc
@ -2,7 +2,7 @@
 = authentik-application
-image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5]
+image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0]
 image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
 ## Pre-Requirement
--- a/authentik-application/files/groups.yaml.gotmpl
+++ b/authentik-application/files/groups.yaml.gotmpl
@ -41,6 +41,7 @@
  identifiers:
    pk: {{ $group.bindID | quote }}
  attrs:
    pk: {{ $group.bindID | quote }}
    group: !KeyOf {{ $group.slug | quote}}
    order: 10
    target: !Find [authentik_core.Application, [slug, {{ $.Values.blueprint.application.slug }}]]
--- a/authentik-application/files/provider/oidc.yaml.gotmpl
+++ b/authentik-application/files/provider/oidc.yaml.gotmpl
@ -1,6 +1,20 @@
 {{- $clientID := get . "clientID" }}
 {{- $clientSecret := get . "clientSecret" }}
 {{- with get . "root" }}
 {{- range .Values.blueprint.provider.oidc.scopes }}
 {{- if .expression }}
 - model: authentik_providers_oauth2.ScopeMapping
  identifiers:
    name: {{ .name | quote }}
  state: present
  attrs:
    name: {{ .name | quote }}
    scope_name: {{ .scope_name }}
    expression: {{ .expression | quote }}
 {{- end }}
 {{- end }}
 - model: authentik_providers_oauth2.OAuth2Provider
  id: {{ .Values.blueprint.provider.name | default (include "authentik-application.fullname" .) }}
  identifiers:
@ -22,7 +36,7 @@
    {{- with .scopes }}
    property_mappings:
      {{- range . }}
-      - !Find [authentik_providers_oauth2.ScopeMapping, [scope_name, {{ . }}]]
+      - !Find [authentik_providers_oauth2.ScopeMapping, [name, {{ .name | quote }}]]
      {{- end }}
    {{- end }}
    {{- end }}
--- a/authentik-application/values.yaml
+++ b/authentik-application/values.yaml
@ -29,6 +29,9 @@ blueprint:
      signingKey: ""
      # -- Scope
      scopes:
        # - name:
        #   scope_name:
        #   expression:
    saml:
    proxy:
      externalHost:
--- a/forgejo-runner/README.adoc
+++ b/forgejo-runner/README.adoc
@ -2,7 +2,7 @@
 = forgejo-runner
-image::https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square[Version: 0.1.2]
+image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4]
 image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
 image::https://img.shields.io/badge/AppVersion-3.2.0-informational?style=flat-square[AppVersion: 3.2.0]
@ -129,7 +129,7 @@ helm uninstall forgejo-runner-release
 | kubectl.image.tag
 | string
-| `"1.27.7"`
+| `"1.28.5"`
 |
 | nameOverride
--- a/publish.sh
+++ b/publish.sh
@ -13,11 +13,11 @@ for p in * ; do
  if \
    [ $p == "alertmanager-matrix" ] || \
    [ $p == "alertmanager-ntfy" ] || \
    [ $p == "authentik-application" ] || \
    [ $p == "conduit" ] || \
    [ $p == "grampsweb" ] || \
    [ $p == "headscale" ] || \
    [ $p == "headscale-ui" ] || \
    [ $p == "forgejo-runner" ] || \
    [ $p == "jellyfin" ] || \
    [ $p == "miniserve" ] || \
    [ $p == "monitoring" ] || \