| Piotr Dobrowolski | b67ae48 | 2021-01-31 10:35:38 +0100 | [diff] [blame] | 1 | local kube = import "../../../kube/kube.libsonnet"; |
| 2 | |
| 3 | { |
| 4 | local app = self, |
| 5 | local cfg = app.cfg, |
| 6 | cfg:: { |
| 7 | image: error "cfg.image must be set", |
| 8 | |
| 9 | # webDomain is the domain name at which matrix instance/cas proxy is served |
| 10 | webDomain: error "cfg.webDomain must be set", |
| 11 | |
| 12 | oauth2: error "cfg.oauth2 must be set", |
| 13 | }, |
| 14 | |
| 15 | ns:: error "ns needs to be a kube.Namespace object", |
| 16 | |
| 17 | deployment: app.ns.Contain(kube.Deployment("oauth2-cas-proxy")) { |
| 18 | spec+: { |
| 19 | replicas: 1, |
| 20 | template+: { |
| 21 | spec+: { |
| 22 | containers_: { |
| 23 | proxy: kube.Container("oauth2-cas-proxy") { |
| 24 | image: cfg.image, |
| 25 | ports_: { |
| 26 | http: { containerPort: 5000 }, |
| 27 | }, |
| 28 | env_: { |
| 29 | BASE_URL: "https://%s" % [cfg.webDomain], |
| 30 | SERVICE_URL: "https://%s" % [cfg.webDomain], |
| 31 | OAUTH2_CLIENT: cfg.oauth2.clientID, |
| 32 | OAUTH2_SECRET: cfg.oauth2.clientSecret, |
| 33 | OAUTH2_SCOPE: cfg.oauth2.scope, |
| 34 | OAUTH2_AUTHORIZE: cfg.oauth2.authorizeURL, |
| 35 | OAUTH2_TOKEN: cfg.oauth2.tokenURL, |
| 36 | OAUTH2_USERINFO: cfg.oauth2.userinfoURL, |
| 37 | }, |
| 38 | }, |
| 39 | }, |
| 40 | }, |
| 41 | }, |
| 42 | }, |
| 43 | }, |
| 44 | |
| 45 | svc: app.ns.Contain(kube.Service("oauth2-cas-proxy")) { |
| 46 | target_pod:: app.deployment.spec.template, |
| 47 | }, |
| 48 | } |