fix

apps/sonar/sonar_ConfigMap.tf

@@ -37,13 +37,13 @@ resource "kubectl_manifest" "cm_files" {
         sonar.auth.saml.enabled=true
         sonar.auth.saml.applicationId=https://${local.dns_name}/saml2/metadata
         sonar.auth.saml.providerName=vynil
-        sonar.auth.saml.providerId=https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}
+        sonar.auth.saml.providerId=https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/
         sonar.auth.saml.loginUrl=https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/application/saml/${var.component}-${var.instance}/sso/binding/redirect/
         sonar.auth.saml.certificate.secured=${join("",[for line in split("\n",module.saml.certificate_data): line if !endswith(line, "CERTIFICATE-----")])}
-        sonar.auth.saml.user.login=windowsaccountname
-        sonar.auth.saml.user.name=name
-        sonar.auth.saml.user.email=emailaddress
-        sonar.auth.saml.group.name=group
+        sonar.auth.saml.user.login=http://schemas.goauthentik.io/2021/02/saml/username
+        sonar.auth.saml.user.name=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
+        sonar.auth.saml.user.email=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
+        sonar.auth.saml.group.name=http://schemas.xmlsoap.org/claims/Group
       prometheus-ce-config.yaml: |-
         rules:
         - pattern: .*

apps/sonar/sonar_Service.tf

@@ -57,7 +57,7 @@ module "saml" {
   namespace         = var.namespace
   labels            = local.common_labels
   audience          = "https://${local.dns_name}/saml2/metadata"
-  saml_issuer       = "https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}"
+  saml_issuer       = "https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/"
   group_mapping     = <<ENDF
 for group in user.ak_groups.all():
     if group.name == "authentik Admins":