Skip to content

Commit

Permalink
Enable IAP for frontend by default (#325)
Browse files Browse the repository at this point in the history 
Fix svc missing annotation cause the IAP disabled.
Fix missing value passed to IAP

Tested-by: zlq
  • Loading branch information
@blackzlq
blackzlq authored Mar 11, 2024
1 parent 5af7eff commit c9df187
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 0 deletions.
4 changes: 4 additions & 0 deletions applications/rag/frontend/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ module "iap_auth" {

project_id = var.project_id
namespace = var.namespace
support_email = var.support_email
app_name = "frontend"
brand = var.brand
k8s_ingress_name = var.k8s_ingress_name
Expand Down Expand Up @@ -57,6 +58,9 @@ resource "kubernetes_service" "rag_frontend_service" {
metadata {
name = "rag-frontend"
namespace = var.namespace
annotations = var.add_auth ? {
"beta.cloud.google.com/backend-config" : jsonencode({ "default" = var.k8s_backend_config_name })
} : {}
}
spec {
selector = {
Expand Down
1 change: 1 addition & 0 deletions applications/rag/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,7 @@ module "jupyterhub" {
client_id = var.jupyter_client_id
client_secret = var.jupyter_client_secret
k8s_ingress_name = var.jupyter_k8s_ingress_name
k8s_iap_secret_name = var.jupyter_k8s_iap_secret_name
k8s_managed_cert_name = var.jupyter_k8s_managed_cert_name
k8s_backend_config_name = var.jupyter_k8s_backend_config_name
k8s_backend_service_name = var.jupyter_k8s_backend_service_name
Expand Down
1 change: 1 addition & 0 deletions modules/jupyter/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ module "iap_auth" {

project_id = var.project_id
namespace = var.namespace
support_email = var.support_email
app_name = "jupyter"
brand = var.brand
k8s_ingress_name = var.k8s_ingress_name
Expand Down

0 comments on commit c9df187

Please sign in to comment.