blob: f1de4fe4b7eb45490ee568c6592995796a050fe8 [file] [log] [blame]
local kube = import "../../../kube/kube.libsonnet";
{
local app = self,
local cfg = app.cfg,
cfg:: {
image: error "cfg.image must be set",
# webDomain is the domain name at which matrix instance/cas proxy is served
webDomain: error "cfg.webDomain must be set",
oauth2: error "cfg.oauth2 must be set",
},
ns:: error "ns needs to be a kube.Namespace object",
deployment: app.ns.Contain(kube.Deployment("oauth2-cas-proxy")) {
spec+: {
replicas: 1,
template+: {
spec+: {
containers_: {
proxy: kube.Container("oauth2-cas-proxy") {
image: cfg.image,
ports_: {
http: { containerPort: 5000 },
},
env_: {
BASE_URL: "https://%s" % [cfg.webDomain],
SERVICE_URL: "https://%s" % [cfg.webDomain],
OAUTH2_CLIENT: cfg.oauth2.clientID,
OAUTH2_SECRET: cfg.oauth2.clientSecret,
OAUTH2_SCOPE: cfg.oauth2.scope,
OAUTH2_AUTHORIZE: cfg.oauth2.authorizeURL,
OAUTH2_TOKEN: cfg.oauth2.tokenURL,
OAUTH2_USERINFO: cfg.oauth2.userinfoURL,
},
},
},
},
},
},
},
svc: app.ns.Contain(kube.Service("oauth2-cas-proxy")) {
target:: app.deployment,
},
}