github.com/verrazzano/verrazzano@v1.7.0/platform-operator/helm_config/overrides/dex-values.yaml (about) 1 # Copyright (c) 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 config: 5 storage: 6 type: kubernetes 7 config: 8 inCluster: true 9 enablePasswordDB: true 10 oauth2: 11 skipApprovalScreen: true 12 passwordConnector: local 13 frontend: 14 issuer: Verrazzano 15 logoURL: theme/logo.svg 16 dir: /srv/dex/web 17 theme: verrazzano 18 19 envVars: 20 - name: PASSWORD_DB_USERNAME_PROMPT 21 value: "Username" 22 23 podAnnotations: 24 traffic.sidecar.istio.io/excludeOutboundPorts: "443" 25 26 ingress: 27 enabled: true 28 annotations: 29 kubernetes.io/tls-acme: "true" 30 nginx.ingress.kubernetes.io/session-cookie-samesite: "Strict" 31 nginx.ingress.kubernetes.io/service-upstream: "true" 32 nginx.ingress.kubernetes.io/upstream-vhost: "dex.${namespace}.svc.cluster.local" 33 nginx.ingress.kubernetes.io/affinity: "cookie" 34 nginx.ingress.kubernetes.io/proxy-buffer-size: "256k" 35 nginx.ingress.kubernetes.io/session-cookie-conditional-samesite-none: "true" 36 nginx.ingress.kubernetes.io/session-cookie-expires: "86400" 37 nginx.ingress.kubernetes.io/session-cookie-max-age: "86400" 38 nginx.ingress.kubernetes.io/session-cookie-name: "dex" 39 external-dns.alpha.kubernetes.io/ttl: "60" 40 hosts: 41 - host: "{{ .Values.host }}" 42 paths: 43 - path: / 44 pathType: ImplementationSpecific 45 tls: 46 - hosts: 47 - "{{ .Values.tlsHosts }}" 48 secretName: "dex-tls" 49 50 service: 51 ports: 52 http: 53 port: 80 54 55 securityContext: 56 allowPrivilegeEscalation: false 57 privileged: false 58 runAsNonRoot: true 59 runAsUser: 1001 60 runAsGroup: 0 61 capabilities: 62 drop: 63 - ALL 64 65 podSecurityContext: 66 seccompProfile: 67 type: RuntimeDefault 68 69 replicas: 1