| local kube = import "../../../kube/kube.libsonnet"; |
| |
| { |
| local app = self, |
| local cfg = app.cfg, |
| cfg:: { |
| image: error "cfg.image must be set", |
| |
| # webDomain is the domain name at which matrix instance/cas proxy is served |
| webDomain: error "cfg.webDomain must be set", |
| |
| oauth2: error "cfg.oauth2 must be set", |
| }, |
| |
| ns:: error "ns needs to be a kube.Namespace object", |
| |
| deployment: app.ns.Contain(kube.Deployment("oauth2-cas-proxy")) { |
| spec+: { |
| replicas: 1, |
| template+: { |
| spec+: { |
| containers_: { |
| proxy: kube.Container("oauth2-cas-proxy") { |
| image: cfg.image, |
| ports_: { |
| http: { containerPort: 5000 }, |
| }, |
| env_: { |
| BASE_URL: "https://%s" % [cfg.webDomain], |
| SERVICE_URL: "https://%s" % [cfg.webDomain], |
| OAUTH2_CLIENT: cfg.oauth2.clientID, |
| OAUTH2_SECRET: cfg.oauth2.clientSecret, |
| OAUTH2_SCOPE: cfg.oauth2.scope, |
| OAUTH2_AUTHORIZE: cfg.oauth2.authorizeURL, |
| OAUTH2_TOKEN: cfg.oauth2.tokenURL, |
| OAUTH2_USERINFO: cfg.oauth2.userinfoURL, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| |
| svc: app.ns.Contain(kube.Service("oauth2-cas-proxy")) { |
| target_pod:: app.deployment.spec.template, |
| }, |
| } |