dex-operator

command module
v0.0.0-...-98ccc56 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 18, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

README

Dex-Operator

Build

Background

In the default DEX installation on Kubernetes, clients are usually configured by adding static clients in the DEX secret containing the DEX config file. This adds complexity when adding oidc authentication to other applications in the cluster.

This small operator adds a clientcrd and by using the DEX GRPC api adds and manages dynamic clients. An application that needs oidc authentication can simply add the needed CRD during creation and use the dynamicly created oidc client in DEX.

Installing

The operator currently requires Certmanager and Dex installed. Install the operator by running the dex-operator helm 3 chart in contrib/charts/dex-operator.

Install DEX using the official helm chart and set at least the following:

certs:
  web:
    create: true
    altNames:
      - dex
  grpc:
    create: true
    altNames:
      - dex
    secret:
      serverTlsName: dex-grpc-server-tls
      clientTlsName: dex-grpc-client-tls
      caName: dex-grpc-ca
    server:
      secretName: dex-grpc-server-cert

Images

Built images are pushed to: quay.io/betsson-oss/dex-operator

Using dex-operator

The dex operator is controlled using CRD's. To add a new OIDC client to current running DEX server, deploy the following yaml:

apiVersion: dex.betssongroup.com/v1
kind: Client
metadata:
  name: argocd # Must be unique inside DEX
spec:
  name: ArgoCD
  secret: 33559e7361087368bdac8e93f889c963d2c29399
  redirectURIs:
    - https://argocd/auth/callback # Where the oidc client should redirect back

The complete schema is:

apiVersion: dex.betssongroup.com/v1
kind: Client
metadata:
  name: test-client
spec:
  name: test client
  secret: faa85ae56aae06999f8681ba2e9b2ff1bc6608b8
  public: true
  redirectURIs:
    - https://localhost:1234/auth
  trustedPeers:
    - web
  logoURL: https://foo/img.png

Developing

Built using kubebuilder

Adding Controllers

This project is built using kubebuilder To add a new controller run:

kubebuilder create api --group dex.betssongroup.com --version v1 --kind MyKind

Building

make IMG=my-registry.tld/org/dex-operator docker-build docker-push deploy

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
apis
dex/v1
Package v1 contains API Schema definitions for the dex v1 API group +kubebuilder:object:generate=true +groupName=dex.betssongroup.com
 Package v1 contains API Schema definitions for the dex v1 API group +kubebuilder:object:generate=true +groupName=dex.betssongroup.com
controllers
dex
pkg
dex

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.