initial commit

charts/saml-broker/templates/NOTES.txt

@@ -0,0 +1,4 @@
+1. Get the service URL by running these commands:
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "saml-broker.name" . }}" -o jsonpath="{.items[0].metadata.name}")
+  kubectl port-forward $POD_NAME 8080:8080 &
+  echo "Visit http://127.0.0.1:8080/saml/metadata"

charts/saml-broker/templates/_helpers.tpl

@@ -0,0 +1,10 @@
+{{- define "saml-broker.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- define "saml-broker.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s" (include "saml-broker.name" .) | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}

charts/saml-broker/templates/configmap.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "saml-broker.fullname" . }}-config
+data:
+  config.yaml: |
+{{ toYaml .Values.config | indent 4 }}

charts/saml-broker/templates/deployment.yaml

@@ -0,0 +1,49 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "saml-broker.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "saml-broker.name" . }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "saml-broker.name" . }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "saml-broker.name" . }}
+    spec:
+      containers:
+        - name: broker
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          env:
+            - name: CONFIG_PATH
+              value: /config/config.yaml
+            - name: OIDC_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.env.OIDC_CLIENT_SECRET_SECRET_NAME }}
+                  key: {{ .Values.env.OIDC_CLIENT_SECRET_KEY }}
+          ports:
+            - name: http
+              containerPort: 8080
+          volumeMounts:
+            - name: cfg
+              mountPath: /config
+              readOnly: true
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: http
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: http
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+      volumes:
+        - name: cfg
+          configMap:
+            name: {{ include "saml-broker.fullname" . }}-config

charts/saml-broker/templates/ingress.yaml

@@ -0,0 +1,30 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "saml-broker.fullname" . }}
+  {{- with .Values.ingress.className }}
+  annotations:
+    kubernetes.io/ingress.class: {{ . }}
+  {{- end }}
+spec:
+  rules:
+  {{- range .Values.ingress.hosts }}
+    - host: {{ .host }}
+      http:
+        paths:
+        {{- range .paths }}
+          - path: {{ .path }}
+            pathType: {{ .pathType }}
+            backend:
+              service:
+                name: {{ include "saml-broker.fullname" $ }}
+                port:
+                  number: {{ $.Values.service.port }}
+        {{- end }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+{{ toYaml .Values.ingress.tls | indent 4 }}
+  {{- end }}
+{{- end }}

charts/saml-broker/templates/service.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "saml-broker.fullname" . }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    app.kubernetes.io/name: {{ include "saml-broker.name" . }}