search

Budibase / budibase

Low code platform for building business apps and workflows in minutes. Supports PostgreSQL, MySQL, MSSQL, MongoDB, Rest API, Docker, K8s, and more 🚀
https://budibase.com
Other
21.28k stars 1.44k forks source link

[BUDI-6951] OpenID Connect (OIDC) config in environment variables and Helm chart #8466

Open jtv8 opened 1 year ago

jtv8 commented 1 year ago

Describe the feature request

When self-hosting Budibase, it would be very helpful to be able to configure the OpenID Connect settings via environment variables, and to be able to set these environment variables from the values.yaml of the Helm chart.

This would be useful for orgs that use e.g. Terraform to configure their identity provider apps. The generated client ID and secret could then be injected into the Helm release rather than provided manually later. This would mean that the Budibase deployment is secure as soon as it is available, rather than having to create a superadmin account via the browser.

Example environment variables:

OIDC_CONFIG_URL
OIDC_CLIENT_ID
OIDC_CLIENT_SECRET
OIDC_CALLBACK_URL
OIDC_NAME
OIDC_ICON
OIDC_DEFAULT_SUPERADMIN_EMAIL

Example values.yaml snippet:

globals:
  appVersion: "latest"
  ...
  oidc:
    configURL: "https://foo.bar/config"
    callbackURL: "https://foo.bar/callback"
    clientID: "12345678-8765421"
    clientSecret: "8765421-12345678"
    name: "My OpenID Connect"
    icon: "https://foo.bar/icon.png"
    defaultSuperAdminEmail: "admin@foo.co"

BUDI-6951

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity.