Skip to content
This repository was archived by the owner on May 17, 2024. It is now read-only.

Commit 15194e7

Browse files
JoshVanLJoshVanL
committed
Updates helm chart for auditing options
Signed-off-by: JoshVanL <[email protected]>
1 parent 8ca9060 commit 15194e7

File tree

2 files changed

+21
-1
lines changed

2 files changed

+21
-1
lines changed

deploy/charts/kube-oidc-proxy/templates/deployment.yaml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,9 @@ spec:
7474
{{- if .Values.extraImpersonationHeaders.headers }}
7575
- "--extra-user-headers={{ .Values.extraImpersonationHeaders.headers }}"
7676
{{ end }}
77+
{{- range $key, $value := .Values.extraArgs -}}
78+
- "--{{ $key }}={{ $value -}}"
79+
{{ end }}
7780
resources:
7881
{{- toYaml .Values.resources | nindent 12 }}
7982
env:
@@ -135,14 +138,15 @@ spec:
135138
key: api-audiences
136139
{{ end }}
137140
volumeMounts:
138-
{{ if .Values.oidc.caPEM }}
141+
{{- if .Values.oidc.caPEM }}
139142
- name: kube-oidc-proxy-config
140143
mountPath: /etc/oidc
141144
readOnly: true
142145
{{ end }}
143146
- name: kube-oidc-proxy-tls
144147
mountPath: /etc/oidc/tls
145148
readOnly: true
149+
{{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 10 }}{{ end }}
146150
volumes:
147151
{{ if .Values.oidc.caPEM }}
148152
- name: kube-oidc-proxy-config
@@ -152,6 +156,7 @@ spec:
152156
- key: oidc.ca-pem
153157
path: oidc-ca.pem
154158
{{ end }}
159+
{{- if .Values.extraVolumes }}{{ toYaml .Values.extraVolumes | trim | nindent 8 }}{{ end }}
155160
- name: kube-oidc-proxy-tls
156161
secret:
157162
secretName: {{ $tlsSecretName }}

deploy/charts/kube-oidc-proxy/values.yaml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,20 @@ extraImpersonationHeaders:
6060
clientIP: false
6161
#headers: key1=foo,key2=bar,key1=bar
6262

63+
extraArgs: {}
64+
#audit-log-path: /audit-log
65+
#audit-policy-file: /audit/audit.yaml
66+
67+
extraVolumeMounts: {}
68+
#- name: audit
69+
# mountPath: /audit
70+
# readOnly: true
71+
72+
extraVolumes: {}
73+
#- configMap:
74+
#defaultMode: 420
75+
#name: kube-oidc-proxy-policy
76+
#name: audit
6377

6478
ingress:
6579
enabled: false
@@ -91,6 +105,7 @@ resources: {}
91105
# requests:
92106
# cpu: 100m
93107
# memory: 128Mi
108+
#
94109

95110
initContainers: []
96111

0 commit comments

Comments
 (0)