From 88f997011e1aeb511ef54154af7c2ee9175f0567 Mon Sep 17 00:00:00 2001
From: Arlan Lloyd
Date: Sat, 28 Sep 2024 14:14:10 +0000
Subject: [PATCH] add oidc settings
---
 chart/templates/back/deployment.yaml | 26 ++++++++++++++++++++++++++
 chart/values.yaml | 12 ++++++++++++
 2 files changed, 38 insertions(+)
diff --git a/chart/templates/back/deployment.yaml b/chart/templates/back/deployment.yaml
index 19e7fdf1..2c190e2f 100644
--- a/chart/templates/back/deployment.yaml
+++ b/chart/templates/back/deployment.yaml
@@ -127,6 +127,32 @@ spec:
 secretKeyRef:
 key: {{ .Values.global.meilisearch.kyoo_back.masterkeyKey }}
 name: {{ .Values.global.meilisearch.kyoo_back.existingSecret }}
+ {{- if .Values.kyoo.oidc.enabled }}
+ - name: OIDC_SERVICE_NAME
+ value: {{ .Values.kyoo.oidc.name }}
+ - name: OIDC_SERVICE_LOGO
+ value: {{ .Values.kyoo.oidc.logo }}
+ - name: OIDC_SERVICE_CLIENTID
+ valueFrom:
+ secretKeyRef:
+ key: {{ .Values.kyoo.oidc.clientIDkey }}
+ name: {{ .Values.kyoo.oidc.existingSecret }}
+ - name: OIDC_SERVICE_SECRET
+ valueFrom:
+ secretKeyRef:
+ key: {{ .Values.kyoo.oidc.clientSecretKey }}
+ name: {{ .Values.kyoo.oidc.existingSecret }}
+ - name: OIDC_SERVICE_AUTHORIZATION
+ value: {{ .Values.kyoo.oidc.authorizationAddress }}
+ - name: OIDC_SERVICE_TOKEN
+ value: {{ .Values.kyoo.oidc.tokenAddress }}
+ - name: OIDC_SERVICE_PROFILE
+ value: {{ .Values.kyoo.oidc.profileAddress }}
+ - name: OIDC_SERVICE_SCOPE
+ value: {{ .Values.kyoo.oidc.scope }}
+ - name: OIDC_SERVICE_AUTHMETHOD
+ value: {{ .Values.kyoo.oidc.authMethod }}
+ {{- end }}
 {{- with (concat .Values.global.extraEnv .Values.back.kyoo_back.extraEnv) }}
 {{- toYaml . | nindent 12 }}
 {{- end }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 1ec31623..74f27177 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
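Review bot: The plain `value:` lines of the new OIDC block in chart/templates/back/deployment.yaml interpolate chart values unquoted, so a `name`, `scope` or address that is empty, boolean- or number-looking, or contains `: ` or ` #` renders as a non-string or as broken YAML, while Kubernetes accepts only strings for an env `value`. Pipe each of them through `quote`, e.g. `value: {{ .Values.kyoo.oidc.name | quote }}`, and likewise for `logo`, `authorizationAddress`, `tokenAddress`, `profileAddress`, `scope` and `authMethod`. With `enabled: true` and an unset `existingSecret` or key, the `secretKeyRef` fields render empty and the mistake only surfaces at apply time; `name: {{ required "kyoo.oidc.existingSecret is required when oidc is enabled" .Values.kyoo.oidc.existingSecret }}` would fail at render time with a clear message. The env list this block extends starts above the hunk.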
@@ -95,6 +95,18 @@ kyoo:
 apikey:
 existingSecret: bigsecret
 apikeyKey: kyoo_apikeys
+ oidc:
+ enabled: false
+ existingSecret: bigsecret
+ clientIDkey: clientID
+ clientSecretKey: clientSecret
+ name: YourPrettyName
+ logo: https://url-of-your-logo.com
+ authorizationAddress: https://url-of-the-authorization-endpoint-of-the-oidc-service.com/auth
+ tokenAddress: https://url-of-the-token-endpoint-of-the-oidc-service.com/token
+ profileAddress: https://url-of-the-profile-endpoint-of-the-oidc-service.com/userinfo
+ scope: "email openid profile"
+ authMethod: ClientSecretBasic
 media:
 volumes:
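Review bot: The new `oidc` block in chart/values.yaml ships without any comment, so nothing tells an operator that `existingSecret` must contain the `clientIDkey` and `clientSecretKey` entries, which values `authMethod` accepts, or that the three addresses are placeholders to replace before setting `enabled: true`. I would add above `oidc:` a comment such as `# OIDC login: existingSecret must hold the client id and client secret; point the three addresses at your provider's https:// endpoints`, because in a standard OIDC flow the client credentials go to the token endpoint and the access token to the userinfo endpoint. The key `clientIDkey` also breaks the casing of its siblings `clientSecretKey` and `apikeyKey`; `clientIDKey` would match, with the reference in deployment.yaml renamed alongside it. The enclosing `kyoo:` mapping starts above the hunk.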