remove oauth2initcontainer from tandoor

charts/tandoor/Chart.yaml

@@ -3,5 +3,5 @@ name: tandoor
 description: Application for managing recipes, planning meals, building shopping lists and much much more!
 home: https://gitlab.com/oecis/charts/-/tree/main/charts/tandoor
 type: application
-version: 0.1.1
+version: 0.1.2
 appVersion: "1.5.9"

charts/tandoor/README.md

@@ -1,6 +1,6 @@
 # tandoor
 
-![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.9](https://img.shields.io/badge/AppVersion-1.5.9-informational?style=flat-square)
+![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.9](https://img.shields.io/badge/AppVersion-1.5.9-informational?style=flat-square)
 
 Application for managing recipes, planning meals, building shopping lists and much much more!
 
@@ -15,6 +15,7 @@ Application for managing recipes, planning meals, building shopping lists and mu
 | autoscaling.maxReplicas | int | `100` |  |
 | autoscaling.minReplicas | int | `1` |  |
 | autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
+| extraVolumes | list | `[]` |  |
 | fullnameOverride | string | `""` |  |
 | imagePullSecrets | list | `[]` |  |
 | ingress.annotations | object | `{}` |  |
@@ -22,15 +23,13 @@ Application for managing recipes, planning meals, building shopping lists and mu
 | ingress.enabled | bool | `false` |  |
 | ingress.hosts[0].host | string | `"tandoor.local"` |  |
 | ingress.tls | list | `[]` |  |
+| initContainers | list | `[]` |  |
 | nameOverride | string | `""` |  |
 | nginx.image.pullPolicy | string | `"IfNotPresent"` |  |
 | nginx.image.repository | string | `"nginx"` |  |
 | nginx.image.tag | string | `"mainline-alpine"` |  |
 | nginx.resources | object | `{}` |  |
 | nodeSelector | object | `{}` |  |
-| oauth2InitContainer.config | object | `{}` |  |
-| oauth2InitContainer.enabled | bool | `false` |  |
-| oauth2InitContainer.env | list | `[]` |  |
 | persistence.mediafiles.accessMode | string | `"ReadWriteOnce"` |  |
 | persistence.mediafiles.annotations | object | `{}` |  |
 | persistence.mediafiles.name | string | `"tandoor-mediafiles"` |  |
@@ -48,6 +47,7 @@ Application for managing recipes, planning meals, building shopping lists and mu
 | serviceAccount.annotations | object | `{}` |  |
 | serviceAccount.create | bool | `true` |  |
 | serviceAccount.name | string | `""` |  |
+| tandoor.command | list | `[]` |  |
 | tandoor.config.encryptionKey.secretKey | string | `"encryption-key"` |  |
 | tandoor.config.encryptionKey.secretName | string | `""` |  |
 | tandoor.config.postgres.db | string | `"tandoor"` |  |
@@ -57,6 +57,7 @@ Application for managing recipes, planning meals, building shopping lists and mu
 | tandoor.config.postgres.port | int | `5432` |  |
 | tandoor.config.postgres.user | string | `"tandoor"` |  |
 | tandoor.extraEnv | list | `[]` |  |
+| tandoor.extraVolumeMounts | list | `[]` |  |
 | tandoor.image.pullPolicy | string | `"IfNotPresent"` |  |
 | tandoor.image.repository | string | `"vabene1111/recipes"` |  |
 | tandoor.image.tag | string | `""` |  |

charts/tandoor/templates/deployment.yaml

@@ -40,22 +40,12 @@ spec:
         - name: nginx-config
           configMap:
             name: tandoor-nginx-config
-      {{- if .Values.oauth2InitContainer.enabled }}
+        {{- if not (empty .Values.extraVolumes ) }}
-        - name: env
+          {{- toYaml .Values.extraVolumes | nindent 8 }}
-          emptyDir:
+        {{- end }}
-            medium: Memory
+      {{- if not (empty .Values.initContainers)}}
       initContainers:
-        - name: {{ include "tandoor.fullname" . }}-oidc-env-populator
+        {{- toYaml .Values.initContainers | nindent 10}}
-          image: busybox
-          volumeMounts:
-            - mountPath: /env
-              name: env
-          command: ["/bin/sh"]
-          args: ["-c", {{ quote (printf "echo 'export SOCIALACCOUNT_PROVIDERS=%q' > /env/oauth2_config" ( .Values.oauth2InitContainer.config | toJson )) }}]
-          {{- if not (empty .Values.oauth2InitContainer.env) }}
-          env:
-            {{- toYaml .Values.oauth2InitContainer.env | nindent 12 }}
-          {{- end}}
       {{- end }}
       containers:
         - name: {{ include "tandoor.fullname" . }}
@@ -63,16 +53,9 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.tandoor.image.repository }}:{{ .Values.tandoor.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.tandoor.image.pullPolicy }}
-          {{- if .Values.oauth2InitContainer.enabled }}
+          {{- if not (empty .Values.tandoor.command) }}
           command:
-            - sh
+            {{- toYaml .Values.tandoor.command | nindent 12 }}
-            - -c
-            - |
-              set -e
-              echo "Loading oauth2 config from /env/oauth2_config"
-              source /env/oauth2_config
-              echo "Starting 'recipes'"
-              /opt/recipes/boot.sh
           {{- end }}
           livenessProbe:
             httpGet:
@@ -125,10 +108,9 @@ spec:
               name: mediafiles
             - mountPath: /opt/recipes/staticfiles
               name: staticfiles
-          {{- if .Values.oauth2InitContainer.enabled }}
+            {{- if not (empty .Values.tandoor.extraVolumeMounts) }}
-            - mountPath: /env
+              {{- toYaml .Values.tandoor.extraVolumeMounts | nindent 12 }}
-              name: env
+            {{- end}}
-          {{- end}}
         - name: {{ include "tandoor.fullname" . }}-nginx
           image: {{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}
           imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}

charts/tandoor/values.yaml

@@ -79,21 +79,8 @@ tolerations: []
 
 affinity: {}
 
-# oauth2InitContainer is used to inject the oauth2 provider configuration
+initContainers: []
-oauth2InitContainer:
+extraVolumes: []
-  enabled: false
-  config: {}
-    # openid_connect:
-      # SERVERS:
-        # - id: oecis
-          # name: Oecis
-          # server_url: https://hydra.oecis.io
-          # token_auth_method: client_secret_post
-          # APP:
-            # client_id: "$(OIDC_CLIENT_ID)"
-            # client_secret: "$(OIDC_CLIENT_SECRET)"
-  # you can use env to add secrets like OIDC_CLIENT_SECRET
-  env: []
 nginx:
   image:
     repository: nginx
@@ -102,11 +89,9 @@ nginx:
     tag: "mainline-alpine"
   resources: {}
 tandoor:
-  # extraEnv can be used to select an oauth2 provider:
+  command: []
-  # extraEnv:
-    # - name: SOCIAL_PROVIDERS
-    #   value: allauth.socialaccount.providers.openid_connect
   extraEnv: []
+  extraVolumeMounts: []
   image:
     repository: vabene1111/recipes
     pullPolicy: IfNotPresent