From e15d44b64a54f97457b9891201556d1dbbab9171 Mon Sep 17 00:00:00 2001
From: Janne Mareike Koschinski <janne@kuschku.de>
Date: Wed, 11 May 2022 17:58:56 +0200
Subject: [PATCH] fix: allow setting auth for oauth2-proxy

---
 oauth2-proxy/templates/deployment.yaml | 3 ++-
 oauth2-proxy/values.yaml               | 6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/oauth2-proxy/templates/deployment.yaml b/oauth2-proxy/templates/deployment.yaml
index 64dce2b..e23101a 100644
--- a/oauth2-proxy/templates/deployment.yaml
+++ b/oauth2-proxy/templates/deployment.yaml
@@ -47,9 +47,10 @@ spec:
                   key: cookie-secret
                   name: {{ include "oauth2-proxy-helm.fullname" . }}
           args:
-            {{ range .Values.roles }}
+            {{ range .Values.auth.roles }}
             - "--allowed-role={{ . }}"
             {{ end }}
+            - "--email-domain={{ .Values.auth.emailDomain }}"
             - "--redirect-url=https://{{ .Values.ingress.host }}{{ .Values.ingress.path }}oauth2/callback"
             - "--oidc-issuer-url={{ .Values.oidc.discoveryUrl }}"
             - "--upstream=file:///dev/null"
diff --git a/oauth2-proxy/values.yaml b/oauth2-proxy/values.yaml
index 275d82c..aac0537 100644
--- a/oauth2-proxy/values.yaml
+++ b/oauth2-proxy/values.yaml
@@ -14,6 +14,10 @@ oidc:
   clientId: ""
   clientSecret: ""
 
+auth:
+  emailDomain: "*"
+  roles: [ ]
+
 cookieSecret: ""
 
 service:
@@ -22,7 +26,7 @@ service:
 ingress:
   host: "example.com"
   path: "/"
-  annotations: {}
+  annotations: { }
 
 podAnnotations: { }
 
-- 
GitLab