Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add oidc integration example for nextcloud (#252) #253

Merged
merged 9 commits into from
Sep 18, 2023
Merged

feat: Add oidc integration example for nextcloud (#252) #253

merged 9 commits into from
Sep 18, 2023

Conversation

JensAc
Copy link
Contributor

@JensAc JensAc commented Aug 10, 2023

This PR introduces a very simple example how the integration of oidc could be done. Please let me know what you think about having secret data directly in the Nextcloud resource and the Deployment. This PR is meant as a starting point for discussion and implementation.

@pmig pmig requested a review from kosmoz August 10, 2023 13:29
@pmig
Copy link
Member

pmig commented Aug 10, 2023
edited
Loading

Thanks for your contribution on the first glance it already looks very promissing. We might want to wrap the authentication into a parent object, so we can also support SAML2.0 and make it the interface future proof.

Edit: As OICD is a separated app the configuration of a potential SAML 2.0 configuration can be in a different location.

As @kosmoz will be able to review the PR next Wednesday the earliest it might take a little longer this time to get the interface right :-).

@pmig pmig self-requested a review August 10, 2023 13:53
@pmig pmig linked an issue Aug 10, 2023 that may be closed by this pull request
[Feature]: Oidc integration #252
Closed
1 task
kosmoz
kosmoz requested changes Aug 16, 2023
View reviewed changes
Copy link
Member

@kosmoz kosmoz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Jens and thank you for your contribution! 🚀

I think it makes a lot of sense to support OIDC configuration for the tools that support it. This looks like a good start, however I have some suggestions and questions below.

operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/NextcloudAppsSpec.kt Outdated Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/NextcloudAppsSpec.kt Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudDeployment.kt Outdated Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudDeployment.kt Outdated Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudDeployment.kt Outdated Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudDeployment.kt Outdated Show resolved Hide resolved
@JensAc
Copy link
Contributor Author

JensAc commented Sep 8, 2023

I just iterated once more over this PR and hope that I met your ideas. Once again, I really appreciate a review and will iterate once more if desired.

@kosmoz kosmoz self-requested a review September 8, 2023 11:55
kosmoz
kosmoz requested changes Sep 11, 2023
View reviewed changes
Copy link
Member

@kosmoz kosmoz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the update!

I tested this feature using a local Keycloak and Nextcloud instance and it basically worked out of the box (see below)! ✨

There are still some smaller improvements/suggestions I would like to propose before we merge this (open for discussion, see below).

operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudConfigMap.kt Outdated Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudDeployment.kt Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/NextcloudAppsSpec.kt Show resolved Hide resolved
@JensAc
feat: add oidc integration example for nextcloud (glasskube#252)
e4b517c 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
style: remove redundant comma (glasskube#252)
abee1cc 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
feat: use oidc_login as oidc provider for nextcloud (glasskube#252)
a24e2da 
Moreover, read clientId and clientSecret from a Kubernetes secret and
feed it into the nextcloud pod as an environment variable.

Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
docs: add documentation for nextcloud oidc support (glasskube#252)
4e8feed 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
style: remove redundant commas (glasskube#252)
be7b634 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
style: remove redundat safe call (glasskube#252)
506a416 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
fix: define oidc spec as nullable (glasskube#252)
7dc2a22 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
docs: add description for oidcSecret (glasskube#252)
ee5831d 
Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@JensAc
style: use spread operator instead of redundant safe calls (glasskube…
e3b360f 
…#252)

Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>
@pmig pmig requested a review from kosmoz September 18, 2023 07:30
kosmoz
kosmoz approved these changes Sep 18, 2023
View reviewed changes
Copy link
Member

@kosmoz kosmoz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 👍

operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/dependent/NextcloudDeployment.kt Show resolved Hide resolved
operator/src/main/kotlin/eu/glasskube/operator/apps/nextcloud/NextcloudAppsSpec.kt Show resolved Hide resolved
@pmig pmig merged commit fcc5d79 into glasskube:main Sep 18, 2023
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kosmoz kosmoz kosmoz approved these changes

@pmig pmig pmig approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Feature]: Oidc integration
3 participants
@JensAc @pmig @kosmoz