fix
This commit is contained in:
@@ -28,15 +28,14 @@ resource "kubectl_manifest" "cm_files" {
|
|||||||
sonar.telemetry.enable=false
|
sonar.telemetry.enable=false
|
||||||
sonar.updatecenter.activate=false
|
sonar.updatecenter.activate=false
|
||||||
sonar.auth.saml.enabled=true
|
sonar.auth.saml.enabled=true
|
||||||
sonar.auth.saml.applicationId=
|
sonar.auth.saml.applicationId=${module.saml.app_id}
|
||||||
sonar.auth.saml.providerName=
|
sonar.auth.saml.providerName=vynil
|
||||||
sonar.auth.saml.providerId=
|
sonar.auth.saml.providerId=${module.saml.issuer}
|
||||||
sonar.auth.saml.loginUrl=
|
sonar.auth.saml.loginUrl=${module.saml.url_sso_init}
|
||||||
sonar.auth.saml.certificate.secured=
|
sonar.auth.saml.certificate.secured=${module.saml.certificate_data}
|
||||||
sonar.auth.saml.user.login=
|
sonar.auth.saml.user.login=windowsaccountname
|
||||||
sonar.auth.saml.user.name=
|
sonar.auth.saml.user.name=name
|
||||||
sonar.auth.saml.user.email=
|
sonar.auth.saml.user.email=emailaddress
|
||||||
sonar.auth.saml.group.name=
|
|
||||||
|
|
||||||
prometheus-ce-config.yaml: |-
|
prometheus-ce-config.yaml: |-
|
||||||
rules:
|
rules:
|
||||||
|
|||||||
@@ -41,6 +41,7 @@ module "application" {
|
|||||||
app_group = var.app_group
|
app_group = var.app_group
|
||||||
dns_name = local.dns_name
|
dns_name = local.dns_name
|
||||||
icon = local.icon
|
icon = local.icon
|
||||||
|
sub_groups = ["admin"]
|
||||||
protocol_provider = module.saml.provider-id
|
protocol_provider = module.saml.provider-id
|
||||||
providers = {
|
providers = {
|
||||||
authentik = authentik
|
authentik = authentik
|
||||||
@@ -55,6 +56,15 @@ module "saml" {
|
|||||||
dns_names = local.dns_names
|
dns_names = local.dns_names
|
||||||
namespace = var.namespace
|
namespace = var.namespace
|
||||||
labels = local.common_labels
|
labels = local.common_labels
|
||||||
|
group_mapping = <<ENDF
|
||||||
|
for group in user.ak_groups.all():
|
||||||
|
if group.name == "authentik Admins":
|
||||||
|
yield "admin"
|
||||||
|
elif group.name == "app-${local.app_name}-admin":
|
||||||
|
yield "admin"
|
||||||
|
else:
|
||||||
|
yield group.name
|
||||||
|
ENDF
|
||||||
providers = {
|
providers = {
|
||||||
kubectl = kubectl
|
kubectl = kubectl
|
||||||
authentik = authentik
|
authentik = authentik
|
||||||
|
|||||||
@@ -41,6 +41,7 @@ EOF
|
|||||||
}
|
}
|
||||||
|
|
||||||
resource "kubectl_manifest" "Service_server_compat" {
|
resource "kubectl_manifest" "Service_server_compat" {
|
||||||
|
depends_on = [kubectl_manifest.Deployment_server]
|
||||||
yaml_body = <<-EOF
|
yaml_body = <<-EOF
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
|
|||||||
Reference in New Issue
Block a user