Skip to content

Commit

Permalink
Formalize oidc_client_secret in flyte-admin-secrets
Browse files Browse the repository at this point in the history
 - When setting up integrations with an IdP like Keycloak, the
   oidc_client_secret must also be set in flyte-admin-secrets.

   Formalize that and make it more discoverable

Signed-off-by: ddl-ebrown <[email protected]>
  • Loading branch information
ddl-ebrown committed Jul 12, 2024
1 parent ebb3aaf commit 4a95b31
Show file tree
Hide file tree
Showing 7 changed files with 10 additions and 0 deletions.
4 changes: 4 additions & 0 deletions charts/flyte-core/templates/admin/secret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ data:
cookie_hash_key: {{ index $secret.data "cookie_hash_key" }}
cookie_block_key: {{ index $secret.data "cookie_block_key" }}
claim_symmetric_key: {{ index $secret.data "claim_symmetric_key" }}
oidc_client_secret: {{ index $secret.data "oidc_client_secret" }}
{{- else }}
token_rsa_key.pem: |
{{ genPrivateKey "rsa" | b64enc }}
Expand All @@ -22,6 +23,9 @@ stringData:
cookie_hash_key: {{ randAlphaNum 64 | b64enc | quote }}
cookie_block_key: {{ randAlphaNum 32 | b64enc | quote }}
claim_symmetric_key: {{ randAlphaNum 32 | b64enc | quote }}
{{- if .Values.secrets.adminOauthClientCredentials.enabled }}
oidc_client_secret: {{ .Values.secrets.adminOauthClientCredentials.clientSecret | quote }}
{{- end }}
{{- end }}
{{- with .Values.flyteadmin.secrets -}}
{{ tpl (toYaml .) $ | nindent 2 }}
Expand Down
1 change: 1 addition & 0 deletions deployment/eks/flyte_aws_scheduler_helm_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ stringData:
cookie_hash_key: "QkszemVLWGdFU3h5UlhVS0JuU0oyWUNHcUNUdnhwQ2w2RTJsQktaR3gwcFg3MldNMGY0eFE0Z2VWS0t0bHp2QQ=="
cookie_block_key: "TVhSV3dVZjZlYkduQWtWWlFVZENkcE13bWpqYnk3NE8="
claim_symmetric_key: "RkptQ1dJODJvTGk0NGphb1ZSVWRpb1RZbEFaWHBIZTQ="
oidc_client_secret: "foobar"
---
# Source: flyte-core/templates/common/secret-auth.yaml
apiVersion: v1
Expand Down
1 change: 1 addition & 0 deletions deployment/eks/flyte_helm_controlplane_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ stringData:
cookie_hash_key: "VlY3UEcxNFY2SFFLeUpucUdxSnRSNFJUbnpyOVNnaXZjOEZnMHF4NU4zaDFBaDhPT3FhMU9BaHREU05UWExhRw=="
cookie_block_key: "WXk3WDFQb2w2MFhTRjdCa3ZsTDNqVlNjTDBmOFN3aVY="
claim_symmetric_key: "cEVhdGFUNzRMOVFlZnBScVlDOVJ6SVBoZXE4dEpPRDg="
oidc_client_secret: "foobar"
---
# Source: flyte-core/templates/common/secret-auth.yaml
apiVersion: v1
Expand Down
1 change: 1 addition & 0 deletions deployment/eks/flyte_helm_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ stringData:
cookie_hash_key: "SmVNNUxQb0NmbG40VDFnTlF2TmtuRTBMNHJHNG9qRG5UNmQ5aGRqdGRoZ05GWE5uZUViS2trVm5IT2k3OGRRNA=="
cookie_block_key: "bnB5NlBudHFleHB1WUx2SWRDd1RYR09IY1BpaUxVZUo="
claim_symmetric_key: "WUlJN0NyRmhaaFpGQVVUZXc3bnRSTTJoS1hnTVMzMUU="
oidc_client_secret: "foobar"
---
# Source: flyte-core/templates/common/secret-auth.yaml
apiVersion: v1
Expand Down
1 change: 1 addition & 0 deletions deployment/gcp/flyte_helm_controlplane_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ stringData:
cookie_hash_key: "YUZoeEtEcGJsZUs3SkVzaWxIM1U4dEZ0bUIyV1I2cVpQbThBcHJaQVloSlJySGQ4bkpGVk54RGhPQ0Jzc085eA=="
cookie_block_key: "SXFrNnhZRzBodklheWxHM1lDd3VhbkdqcjRmdjFkSUo="
claim_symmetric_key: "U3ZWSjRhTVk5RFhXb0VnRGFJQXNqbzZKWDY3aWp5b2I="
oidc_client_secret: "foobar"
---
# Source: flyte-core/templates/common/secret-auth.yaml
apiVersion: v1
Expand Down
1 change: 1 addition & 0 deletions deployment/gcp/flyte_helm_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ stringData:
cookie_hash_key: "Q0FnZkdlcHhGYUlTbkxYTGtSazk5ZDRjb1ByeGQ4YmdiWHhQM2lTZEc0M0ZRbGVFRUJCNmk1WUFUdEU3SXpZUQ=="
cookie_block_key: "RHhtQkhTcmRUZGh6bjZMcWZuZTlNaGdWcTZiWGR4TkY="
claim_symmetric_key: "d0VFNU1wZ2Uyc1FvcTNDbXd4ZHJsSmtYVmE2SGd6M0s="
oidc_client_secret: "foobar"
---
# Source: flyte-core/templates/common/secret-auth.yaml
apiVersion: v1
Expand Down
1 change: 1 addition & 0 deletions deployment/sandbox/flyte_helm_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ stringData:
cookie_hash_key: "ZThram5lbkxybTdSeDhHbGM2VDVtckRVZUo3MVo3M1l5b0JGWGVpY1dCN3R1QmZMbWJDNEhkZHFvdnRkenNNOA=="
cookie_block_key: "UnlrWEt3NkkxRUQyN055N2tuMG9kQnRwV2JZdkZvVGg="
claim_symmetric_key: "MXcwb2ZpZWx4VmxqczcxalBGM0o2SzlOU1p3TkNvMXk="
oidc_client_secret: "foobar"
---
# Source: flyte/charts/flyte/templates/common/secret-auth.yaml
apiVersion: v1
Expand Down

0 comments on commit 4a95b31

Please sign in to comment.