mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-06-22 14:32:35 +00:00
✨ Add AUTH_ENABLED and AUTH_APPROVED_EMAILS environment variables to Hub's template
This commit is contained in:
M. Mert Yildiran
parent
1d17f83931
commit
c533bcd38c
@ -80,6 +80,8 @@ type ResourcesConfig struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type AuthConfig struct {
|
type AuthConfig struct {
|
||||||
|
Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
|
||||||
|
ApprovedEmails []string `yaml:"approvedemails" json:"approvedemails" default:"[]"`
|
||||||
ApprovedDomains []string `yaml:"approveddomains" json:"approveddomains" default:"[]"`
|
ApprovedDomains []string `yaml:"approveddomains" json:"approveddomains" default:"[]"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -89,7 +91,6 @@ type IngressConfig struct {
|
|||||||
Controller string `yaml:"controller" json:"controller" default:"k8s.io/ingress-nginx"`
|
Controller string `yaml:"controller" json:"controller" default:"k8s.io/ingress-nginx"`
|
||||||
Host string `yaml:"host" json:"host" default:"ks.svc.cluster.local"`
|
Host string `yaml:"host" json:"host" default:"ks.svc.cluster.local"`
|
||||||
TLS []networking.IngressTLS `yaml:"tls" json:"tls"`
|
TLS []networking.IngressTLS `yaml:"tls" json:"tls"`
|
||||||
Auth AuthConfig `yaml:"auth" json:"auth"`
|
|
||||||
CertManager string `yaml:"certmanager" json:"certmanager" default:"letsencrypt-prod"`
|
CertManager string `yaml:"certmanager" json:"certmanager" default:"letsencrypt-prod"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -118,6 +119,7 @@ type TapConfig struct {
|
|||||||
Labels map[string]string `yaml:"labels" json:"labels" default:"{}"`
|
Labels map[string]string `yaml:"labels" json:"labels" default:"{}"`
|
||||||
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
|
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
|
||||||
NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeselectorterms" json:"nodeselectorterms" default:"[]"`
|
NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeselectorterms" json:"nodeselectorterms" default:"[]"`
|
||||||
|
Auth AuthConfig `yaml:"auth" json:"auth"`
|
||||||
Ingress IngressConfig `yaml:"ingress" json:"ingress"`
|
Ingress IngressConfig `yaml:"ingress" json:"ingress"`
|
||||||
Debug bool `yaml:"debug" json:"debug" default:"false"`
|
Debug bool `yaml:"debug" json:"debug" default:"false"`
|
||||||
}
|
}
|
||||||
|
|||||||
@ -58,7 +58,7 @@ Visit [localhost:8899](http://localhost:8899)
|
|||||||
helm install kubeshark kubeshark/kubeshark \
|
helm install kubeshark kubeshark/kubeshark \
|
||||||
--set tap.ingress.enabled=true \
|
--set tap.ingress.enabled=true \
|
||||||
--set tap.ingress.host=ks.svc.cluster.local \
|
--set tap.ingress.host=ks.svc.cluster.local \
|
||||||
--set "tap.ingress.auth.approveddomains={gmail.com}" \
|
--set "tap.ingress.approveddomains={gmail.com}" \
|
||||||
--set license=LICENSE_GOES_HERE
|
--set license=LICENSE_GOES_HERE
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|||||||
@ -31,8 +31,12 @@ spec:
|
|||||||
value: '{{ .Values.scripting.env | toJson }}'
|
value: '{{ .Values.scripting.env | toJson }}'
|
||||||
- name: SCRIPTING_SCRIPTS
|
- name: SCRIPTING_SCRIPTS
|
||||||
value: '[]'
|
value: '[]'
|
||||||
|
- name: AUTH_ENABLED
|
||||||
|
value: '{{ .Values.tap.auth.enabled | ternary "true" "" }}'
|
||||||
|
- name: AUTH_APPROVED_EMAILS
|
||||||
|
value: '{{ gt (len .Values.tap.auth.approvedemails) 0 | ternary (join "," .Values.tap.auth.approvedemails) "" }}'
|
||||||
- name: AUTH_APPROVED_DOMAINS
|
- name: AUTH_APPROVED_DOMAINS
|
||||||
value: '{{ gt (len .Values.tap.ingress.auth.approveddomains) 0 | ternary (join "," .Values.tap.ingress.auth.approveddomains) "" }}'
|
value: '{{ gt (len .Values.tap.auth.approveddomains) 0 | ternary (join "," .Values.tap.auth.approveddomains) "" }}'
|
||||||
image: '{{ .Values.tap.docker.registry }}/hub:{{ .Values.tap.docker.tag }}'
|
image: '{{ .Values.tap.docker.registry }}/hub:{{ .Values.tap.docker.tag }}'
|
||||||
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
|
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
|
||||||
name: kubeshark-hub
|
name: kubeshark-hub
|
||||||
|
|||||||
@ -46,14 +46,16 @@ tap:
|
|||||||
labels: {}
|
labels: {}
|
||||||
annotations: {}
|
annotations: {}
|
||||||
nodeselectorterms: []
|
nodeselectorterms: []
|
||||||
|
auth:
|
||||||
|
enabled: false
|
||||||
|
approvedemails: []
|
||||||
|
approveddomains: []
|
||||||
ingress:
|
ingress:
|
||||||
enabled: false
|
enabled: false
|
||||||
classname: kubeshark-ingress-class
|
classname: kubeshark-ingress-class
|
||||||
controller: k8s.io/ingress-nginx
|
controller: k8s.io/ingress-nginx
|
||||||
host: ks.svc.cluster.local
|
host: ks.svc.cluster.local
|
||||||
tls: []
|
tls: []
|
||||||
auth:
|
|
||||||
approveddomains: []
|
|
||||||
certmanager: letsencrypt-prod
|
certmanager: letsencrypt-prod
|
||||||
debug: false
|
debug: false
|
||||||
ipv6: true
|
ipv6: true
|
||||||
|
|||||||
@ -15,7 +15,6 @@ kind: ConfigMap
|
|||||||
metadata:
|
metadata:
|
||||||
name: kubeshark-nginx-config
|
name: kubeshark-nginx-config
|
||||||
namespace: default
|
namespace: default
|
||||||
apiVersion: v1
|
|
||||||
data:
|
data:
|
||||||
default.conf: |
|
default.conf: |
|
||||||
server {
|
server {
|
||||||
@ -225,6 +224,10 @@ spec:
|
|||||||
value: '{}'
|
value: '{}'
|
||||||
- name: SCRIPTING_SCRIPTS
|
- name: SCRIPTING_SCRIPTS
|
||||||
value: '[]'
|
value: '[]'
|
||||||
|
- name: AUTH_ENABLED
|
||||||
|
value: ''
|
||||||
|
- name: AUTH_APPROVED_EMAILS
|
||||||
|
value: ''
|
||||||
- name: AUTH_APPROVED_DOMAINS
|
- name: AUTH_APPROVED_DOMAINS
|
||||||
value: ''
|
value: ''
|
||||||
image: 'docker.io/kubeshark/hub:latest'
|
image: 'docker.io/kubeshark/hub:latest'
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user