File tree Expand file tree Collapse file tree 1 file changed +29
-2
lines changed
deployments/charts/service Expand file tree Collapse file tree 1 file changed +29
-2
lines changed Original file line number Diff line number Diff line change @@ -1268,6 +1268,33 @@ services:
12681268 envoy :
12691269 service :
12701270 useHttp2 : true
1271+ # # JWT provider overrides for the operator service
1272+ # # The operator runs in a separate pod, so it must fetch JWKS from the
1273+ # # osmo-service Kubernetes service (osmoauth cluster) instead of localhost.
1274+ # #
1275+ jwt :
1276+ providers :
1277+ # # External OAuth provider configuration (provider 1)
1278+ # #
1279+ - issuer : " "
1280+ audience : " "
1281+ jwks_uri : " "
1282+ user_claim : unique_name
1283+ cluster : idp
1284+ # # External OAuth provider configuration (provider 2)
1285+ # #
1286+ - issuer : " "
1287+ audience : " "
1288+ jwks_uri : " "
1289+ user_claim : preferred_username
1290+ cluster : idp
1291+ # # Internal Osmo JWT provider configuration
1292+ # #
1293+ - issuer : osmo
1294+ audience : osmo
1295+ jwks_uri : http://osmo-service/api/auth/keys
1296+ user_claim : unique_name
1297+ cluster : osmoauth
12711298
12721299# # PodMonitor configuration (requires Prometheus Operator / monitoring.coreos.com CRD)
12731300# # Set enabled: false if the PodMonitor CRD is not installed in your cluster.
@@ -1697,9 +1724,9 @@ sidecars:
16971724 # #
16981725 - issuer : osmo
16991726 audience : osmo
1700- jwks_uri : http://osmo-service /api/auth/keys
1727+ jwks_uri : http://localhost:8000 /api/auth/keys
17011728 user_claim : unique_name
1702- cluster : osmoauth
1729+ cluster : service
17031730
17041731 # # OAuth2 Proxy sidecar configuration
17051732 # #
You can’t perform that action at this time.
0 commit comments