feat(chart): add support to custom login path (#988)

Signed-off-by: Miguel Martinez Trivino <[email protected]>

Author: migmartri

deployment/chainloop/Chart.yaml

@@ -7,7 +7,7 @@ description: Chainloop is an open source software supply chain control plane, a
 
 type: application
 # Bump the patch (not minor, not major) version on each change in the Chart Source code
-version: 1.63.0
+version: 1.63.1
 # Do not update appVersion, this is handled automatically by the release process
 appVersion: v0.91.8
 

deployment/chainloop/README.md

@@ -516,12 +516,13 @@ chainloop config save \
 
 ### Control Plane Authentication
 
-| Name                                  | Description                                                                                            | Value |
-| ------------------------------------- | ------------------------------------------------------------------------------------------------------ | ----- |
-| `controlplane.auth.passphrase`        | Passphrase used to sign the Auth Tokens generated by the controlplane. Leave empty for auto-generation | `""`  |
-| `controlplane.auth.oidc.url`          | Full authentication path, it should match the issuer URL of the Identity provider (IDp)                | `""`  |
-| `controlplane.auth.oidc.clientID`     | OIDC IDp clientID                                                                                      | `""`  |
-| `controlplane.auth.oidc.clientSecret` | OIDC IDp clientSecret                                                                                  | `""`  |
+| Name                                      | Description                                                                                            | Value |
+| ----------------------------------------- | ------------------------------------------------------------------------------------------------------ | ----- |
+| `controlplane.auth.passphrase`            | Passphrase used to sign the Auth Tokens generated by the controlplane. Leave empty for auto-generation | `""`  |
+| `controlplane.auth.oidc.url`              | Full authentication path, it should match the issuer URL of the Identity provider (IDp)                | `""`  |
+| `controlplane.auth.oidc.clientID`         | OIDC IDp clientID                                                                                      | `""`  |
+| `controlplane.auth.oidc.clientSecret`     | OIDC IDp clientSecret                                                                                  | `""`  |
+| `controlplane.auth.oidc.loginURLOverride` | Optional OIDC login URL override, useful to point to custom login pages                                |       |
 
 ### Control Plane Networking
 

deployment/chainloop/templates/controlplane/config.secret.yaml

@@ -48,6 +48,9 @@ stringData:
         domain: "{{ required "oidc URL endpoint required" .oidc.url }}"
         client_id: "{{ required "oidc clientID required" .oidc.clientID }}"
         client_secret: "{{ required "oidc clientSecret required" .oidc.clientSecret }}"
+        {{- if .oidc.loginURLOverride }}
+        login_url_override: "{{ .oidc.loginURLOverride }}"
+        {{- end }}
         {{- end }}
 
       # HMAC key used to sign the JWTs generated by the controlplane

deployment/chainloop/values.yaml

@@ -175,12 +175,14 @@ controlplane:
     passphrase: ""
 
     ## @param controlplane.auth.oidc.url Full authentication path, it should match the issuer URL of the Identity provider (IDp)
-    ## @param controlplane.auth.oidc.clientID  OIDC IDp clientID
-    ## @param controlplane.auth.oidc.clientSecret  OIDC IDp clientSecret
+    ## @param controlplane.auth.oidc.clientID OIDC IDp clientID
+    ## @param controlplane.auth.oidc.clientSecret OIDC IDp clientSecret
+    ## @extra controlplane.auth.oidc.loginURLOverride Optional OIDC login URL override, useful to point to custom login pages
     oidc:
       url: ""
       clientID: ""
       clientSecret: ""
+      # loginURLOverride: ""
 
   ## @section Control Plane Networking
   service: