From db1ae69e18513f5fadb1e8b583f6eda3364c8445 Mon Sep 17 00:00:00 2001
From: cooldragontattoo <troy.rttr@gmail.com>
Date: Thu, 30 Jan 2025 07:57:13 -0700
Subject: [PATCH] pass sso creds

---
 .github/workflows/eks-deploy.yml |  9 +++++++++
 helm/values.eks.yaml             | 18 ++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/.github/workflows/eks-deploy.yml b/.github/workflows/eks-deploy.yml
index 78eb7d5321..917a5115fa 100644
--- a/.github/workflows/eks-deploy.yml
+++ b/.github/workflows/eks-deploy.yml
@@ -95,6 +95,15 @@ jobs:
           --set containers[0].env[3].value=${{ secrets.ES_PORT }}
           --set containers[0].env[4].value=${ES_CREDS_USERNAME}
           --set containers[0].env[5].value=${ES_CREDS_PASSWORD}
+          --set containers[0].env[6].value=${{ secrets.ENABLE }}
+          --set containers[0].env[7].value=${{ secrets.OIDC_CLIENT_ID }}
+          --set containers[0].env[8].value=${{ secrets.OIDC_CLIENT_SECRET }}
+          --set containers[0].env[9].value=${{ secrets.OIDC_ALGO }}
+          --set containers[0].env[10].value=${{ secrets.OIDC_ENDPOINT }}
+          --set containers[0].env[11].value=${{ secrets.OIDC_AUTH_ENDPOINT }}
+          --set containers[0].env[9].value=${{ secrets.OIDC_TOKEN }}
+          --set containers[0].env[10].value=${{ secrets.OIDC_USER_ENDPOINT }}
+          --set containers[0].env[11].value=${{ secrets.OIDC_ADMIN_ROLE }}
           --set containers[1].image.repository=${{ secrets.CFGOV_APACHE_IMAGE }}
           --set containers[1].image.tag=${GITHUB_SHA}
           --set mapping.host=${{ secrets.HOST }}
\ No newline at end of file
diff --git a/helm/values.eks.yaml b/helm/values.eks.yaml
index 829d16443c..06706a18a9 100644
--- a/helm/values.eks.yaml
+++ b/helm/values.eks.yaml
@@ -70,6 +70,24 @@ containers:
       value: ""
     - name: ES_PASS
       value: ""
+    - name: enable_sso
+      value: ""
+    - name: oidc_rp_client_id 
+      value: ""
+    - name: oidc_rp_client_secret 
+      value: ""
+    - name: oidc_rp_sign_algo
+      value: ""
+    - name: oidc_op_jwks_endpoint 
+      value: ""
+    - name: oidc_op_authorization_endpoint 
+      value: ""
+    - name: oidc_op_token_endpoint
+      value: ""
+    - name: oidc_op_user_endpoint 
+      value: ""
+    - name: oidc_op_admin_role 
+      value: ""
     resources:
       limits:
         cpu: 100m