search

freiheit-com / kuberpult

Kuberpult helps you manage different versions of different microservices in different cluster.
MIT License
39 stars 11 forks source link

[dex] Service name in dex.go is not always the same #1597

Open jdvgh opened 6 months ago

jdvgh commented 6 months ago

When creating a kuberpult deployment, the dex-service-name is based upon the release name:

  1. Remove *.tgz line from charts/kuberpult/.helmignore 
    cd charts/kuberpult
rm Chart.yaml
make Chart.yaml
helm dependency update
helm template --namespace kuberpult-test kuberpult-release-name . --set ingress.create=false --set auth.dexAuth.enabled=true --set auth.dexAuth.installDex=true --set git.url="https://kuberpult.example.com"

    We will get the dex service:

    # Source: kuberpult/charts/dex/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: kuberpult-release-name-dex

(refer to : https://github.com/dexidp/helm-charts/blob/master/charts/dex/templates/service.yaml#L4 and https://github.com/dexidp/helm-charts/blob/master/charts/dex/templates/_helpers.tpl#L21)

However, the name kuberpult uses is hardcoded: https://github.com/freiheit-com/kuberpult/blob/c70960f98c81ee1ad3bc708f81b9fbf3edaa04a8/pkg/auth/dex.go#L62

So if the release name differs from kuberpult or we change the dex name in another way, we will get an issue e.g.: image

So either the name of dex should be set in the values.yaml (e.g. dex.fullnameOverride = kuberpult-dex), or the line in dex.go should be adapted.

e.g. running:

helm template --namespace kuberpult-test kuberpult-release-name . --set ingress.create=false --set auth.dexAuth.enabled=true --set auth.dexAuth.installDex=true --set git.url="https://kuberpult.example.com" --set dex.fullnameOverride=kuberpult-dex

will return the service:

# Source: kuberpult/charts/dex/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: kuberpult-dex
  labels:
    helm.sh/chart: dex-0.17.1
    app.kubernetes.io/name: dex
    app.kubernetes.io/instance: kuberpult-release-name
    app.kubernetes.io/version: "2.39.1"
    app.kubernetes.io/managed-by: Helm
sven-urbanski-freiheit-com commented 6 months ago

I think we need to add this as an environment variable, so that dexServiceURL is not hardcoded, and pass this value also to the dex helm parameter (dex.fullnameOverride), so that the 2 helm charts get the same value.