apiVersion: v1
kind: ConfigMap
metadata:
name: dex-2.12.3-d2iq-defaults
namespace: ${releaseNamespace}
data:
values.yaml: |-
---
priorityClassName: "dkp-critical-priority"
image: mesosphere/dex
imageTag: v2.35.1-d2iq.1
resources:
requests:
cpu: 100m
memory: 50Mi
deploymentAnnotations:
secret.reloader.stakater.com/reload: dex-tls # If a fullNameOverride has been set, change the value of "dex-tls" accordingly.
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: kommander-traefik
ingress.kubernetes.io/protocol: https
traefik.ingress.kubernetes.io/router.tls: "true"
path: /dex
hosts:
- ''
https: true
ports:
web:
containerPort: 8080
certs:
web:
create: false
secret:
tlsName: dex-tls
config:
issuer: https://dex.${releaseNamespace}.svc.cluster.local:8080/dex
frontend:
issuer: Kubernetes
theme: d2iq
storage:
type: kubernetes
config:
inCluster: true
logger:
level: debug
web:
address: 0.0.0.0
tlsCert: /etc/dex/tls/https/server/tls.crt
tlsKey: /etc/dex/tls/https/server/tls.key
grpc:
address: 0.0.0.0
tlsCert: /etc/dex/tls/grpc/server/tls.crt
tlsKey: /etc/dex/tls/grpc/server/tls.key
tlsClientCA: /etc/dex/tls/grpc/ca/tls.crt
oauth2:
skipApprovalScreen: true
staticClients: []
lazyInitConnectors: true
certIssuerRef:
kind: ${certificateIssuerKind:=Issuer}
name: ${certificateIssuerName}
env:
- name: KUBERNETES_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
dex-controller:
priorityClassName: "dkp-critical-priority"
controller:
manager:
dexConfigSecretName: dex
dexDeploymentName: dex
deployment:
annotations:
secret.reloader.stakater.com/reload: dex-dex-controller-webhook-server-cert # If a fullNameOverride has been set, change the value of "dex-dex-controller" accordingly.
service:
metrics:
labels:
servicemonitor.kommander.mesosphere.io/path: metrics