Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Server Helm Chart: add section for security #3779

Closed
sven-dmlr opened this issue Jan 8, 2025 · 0 comments · Fixed by #3780
Closed

Server Helm Chart: add section for security #3779

sven-dmlr opened this issue Jan 8, 2025 · 0 comments · Fixed by #3780
Assignees
@sven-dmlr
Labels
configuration container deployment operation
Milestone
Server 2.5.0

Comments

@sven-dmlr
Copy link
Member

sven-dmlr commented Jan 8, 2025
edited
Loading

Situation

There are a bunch of new variables introduced since the web-server functionality has been added to SecHub server:

  security:
    server:
      modes:
        - oauth2
        - classic
      oauth2:
        mode: jwt
        jwt:
          jwk-set-uri: http://localhost:8080/realms/local-realm/protocol/openid-connect/certs
        opaque-token:
          client-id: my-client-id
          client-secret: ...
          introspection-uri: http://localhost:8080/introspect.oauth2
    login:
      enabled: true
      login-page: /login
      redirect-uri: https://www.google.com
      modes:
        - oauth2
        - classic
      oauth2:
        client-id: web-ui-server-local
        client-secret: ...
        provider: keycloak
        redirect-uri: https://localhost:8443/login/oauth2/code/keycloak
        issuer-uri: http://localhost:8080/realms/local-realm
        authorization-uri: http://localhost:8080/realms/local-realm/protocol/openid-connect/auth
        token-uri: http://localhost:8080/realms/local-realm/protocol/openid-connect/token
        user-info-uri: http://localhost:8080/realms/local-realm/protocol/openid-connect/userinfo
        jwk-set-uri: http://localhost:8080/realms/local-realm/protocol/openid-connect/certs
    encryption:
      secret-key: ...

ToDo

  • Add the new attributes to the server's Helm chart in values.yaml and set the environment variables in the container accordingly
  • add explaining comments to the new attributes
  • remove the old oauth2 section which is no longer needed
@sven-dmlr sven-dmlr added this to the Server 2.5.0 milestone Jan 8, 2025
@sven-dmlr sven-dmlr self-assigned this Jan 8, 2025
sven-dmlr added a commit that referenced this issue Jan 8, 2025
@sven-dmlr
added security section to Helm chart #3779
a1bb836
@sven-dmlr sven-dmlr mentioned this issue Jan 8, 2025
Merged
sven-dmlr added a commit that referenced this issue Jan 9, 2025
@sven-dmlr
adapted variable names in Helm chart #3779
e6ab99e
sven-dmlr added a commit that referenced this issue Jan 10, 2025
@sven-dmlr
PR suggestion added #3779
2634eb9
sven-dmlr added a commit that referenced this issue Jan 10, 2025
@sven-dmlr
Merge pull request #3780 from mercedes-benz/feature-3779-server-helm-…
0c7d822 
…chart-add-security-section

added security section to Helm chart #3779
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sven-dmlr sven-dmlr

Labels
configuration container deployment operation
Projects
None yet
Milestone
Server 2.5.0
Development

Successfully merging a pull request may close this issue.

added security section to Helm chart #3779 mercedes-benz/sechub
1 participant
@sven-dmlr