Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

External auth example #245

Merged
merged 8 commits into from
Apr 14, 2024
Merged

External auth example #245

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e067eb1
AWS external auth example
idanovo Apr 10, 2024
4eaab0a
AWS external auth example
idanovo Apr 10, 2024
2ffb7dd
PR review
idanovo Apr 11, 2024
bfe7269
Review comment
idanovo Apr 11, 2024
64d6b49
Bump chart version
idanovo Apr 11, 2024
060ac2e
PR review
idanovo Apr 11, 2024
bf1a813
Pulled from master
idanovo Apr 11, 2024
598eb7a
Bump chart version
idanovo Apr 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,4 +49,3 @@ jobs:
uses: helm/[email protected]
env:
CR_TOKEN: "${{ secrets.CR_TOKEN }}"

2 changes: 1 addition & 1 deletion charts/lakefs/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: lakefs
description: A Helm chart for running LakeFS on Kubernetes
type: application
version: 1.2.8
version: 1.2.9
appVersion: 1.18.0

home: https://lakefs.io
Expand Down
2 changes: 2 additions & 0 deletions charts/lakefs/templates/_env.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ env:
value: {{ printf "%s/sso/login-saml" .Values.fluffy.sso.saml.lakeFSServiceProviderIngress }}
- name: LAKEFS_AUTH_UI_CONFIG_LOGOUT_URL
value: {{ printf "%s/sso/logout-saml" .Values.fluffy.sso.saml.lakeFSServiceProviderIngress }}
- name: LAKEFS_AUTH_AUTHENTICATION_API_ENDPOINT
value: {{ printf "http://%s/api/v1" (include "fluffy.ssoServiceName" .) | quote }}
{{- end }}
{{- if (.Values.fluffy.sso.oidc).enabled }}
- name: LAKEFS_AUTH_UI_CONFIG_LOGIN_URL
Expand Down
41 changes: 41 additions & 0 deletions examples/lakefs/enterprise/values-external-aws.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
ingress:
enabled: true
ingressClassName: <class-name>
hosts:
# the ingress that will be created for lakeFS
- host: <lakefs.ingress.domain>
paths:
- /

##################################################
########### lakeFS enterprise - FLUFFY ###########
##################################################

fluffy:
enabled: true
image:
repository: treeverse/fluffy
tag: '0.3.0'
pullPolicy: IfNotPresent
privateRegistry:
enabled: true
secretToken: <dockerhub-token-fluffy-image>
fluffyConfig: |
auth:
external:
aws_auth:
enabled: true
# the maximum age in seconds for the GetCallerIdentity request
#get_caller_identity_max_age: 60
# headers that must be present by the client when doing login request
required_headers:
# same host as the lakeFS server ingress
X-LakeFS-Server-ID: <lakefs.ingress.domain>
secrets:
create: true
sso:
enabled: true
rbac:
enabled: true

Isan-Rivkin marked this conversation as resolved.
Show resolved Hide resolved
useDevPostgres: true
Loading