--- apiVersion: v1 kind: ConfigMap metadata: name: dex-2.10.0-d2iq-defaults namespace: ${releaseNamespace} data: values.yaml: |- --- image: mesosphere/dex imageTag: v2.31.0-d2iq resources: requests: cpu: 100m memory: 50Mi deploymentAnnotations: secret.reloader.stakater.com/reload: dex-tls # If a fullNameOverride has been set, change the value of "dex-tls" accordingly. ingress: enabled: true annotations: kubernetes.io/ingress.class: kommander-traefik ingress.kubernetes.io/protocol: https traefik.ingress.kubernetes.io/router.tls: "true" path: /dex hosts: - '' https: true ports: web: containerPort: 8080 certs: web: create: false secret: tlsName: dex-tls config: issuer: https://dex.${releaseNamespace}.svc.cluster.local:8080/dex frontend: issuer: Kubernetes theme: d2iq storage: type: kubernetes config: inCluster: true logger: level: debug web: address: 0.0.0.0 tlsCert: /etc/dex/tls/https/server/tls.crt tlsKey: /etc/dex/tls/https/server/tls.key grpc: address: 0.0.0.0 tlsCert: /etc/dex/tls/grpc/server/tls.crt tlsKey: /etc/dex/tls/grpc/server/tls.key tlsClientCA: /etc/dex/tls/grpc/ca/tls.crt oauth2: skipApprovalScreen: true staticClients: [] certIssuerRef: kind: ${certificateIssuerKind:=Issuer} name: ${certificateIssuerName} env: - name: KUBERNETES_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace dex-controller: controller: manager: dexConfigSecretName: dex dexDeploymentName: dex deployment: annotations: secret.reloader.stakater.com/reload: dex-dex-controller-webhook-server-cert # If a fullNameOverride has been set, change the value of "dex-dex-controller" accordingly. service: metrics: labels: servicemonitor.kommander.mesosphere.io/path: metrics