diff --git a/charts/config/templates/uds-package.yaml b/charts/config/templates/uds-package.yaml
index b71316f3..637ac7b6 100644
--- a/charts/config/templates/uds-package.yaml
+++ b/charts/config/templates/uds-package.yaml
@@ -13,7 +13,12 @@ spec:
 clientId: uds-swf-gitlab
 redirectUris:
 - "https://gitlab.{{ .Values.domain }}/users/auth/openid_connect/callback"
-
+ defaultClientScopes:
+ {{- if .Values.sso.defaultClientScopes }}
+ {{- range .Values.sso.defaultClientScopes }}
+ - "{{ . }}"
+ {{- end }}
+ {{- end }}
 secretName: {{ .Values.sso.secretName }}
 secretTemplate:
 # GitLab expects a providers JSON file that is documented more here: https://gitlab-org.gitlab.io/technical-writing-group/gitlab-docs-hugo/administration/auth/oidc/
@@ -55,11 +60,16 @@ spec:
 protocol: saml
 defaultClientScopes:
+ {{- if .Values.sso.defaultClientScopes }}
+ {{- range .Values.sso.defaultClientScopes }}
+ - "{{ . }}"
+ {{- end }}
+ {{- else }}
 - "mapper-saml-email-email"
 - "mapper-saml-firstname-first_name"
 - "mapper-saml-lastname-last_name"
 - "mapper-saml-grouplist-groups"
-
+ {{- end }}
 attributes:
 saml.client.signature: "false"
diff --git a/charts/config/values.yaml b/charts/config/values.yaml
index de3e023d..a7bb6b8f 100644
--- a/charts/config/values.yaml
+++ b/charts/config/values.yaml
@@ -17,6 +17,8 @@ sso:
 # Note: the following settings only apply when using `saml`
 requiredGroups: []
 adminGroups: ["/GitLab Admin", "/UDS Core/Admin"]
+ # This will replace the current list of default scopes.
+ defaultClientScopes: []
 storage:
 internal: true # Set to false to use external storage
 selector:
diff --git a/tasks.yaml b/tasks.yaml
index e79eeba3..a3f829d7 100644
--- a/tasks.yaml
+++ b/tasks.yaml
@@ -62,8 +62,6 @@ tasks:
 actions:
 # TODO Delete dependencies.yaml after next releaser
 - task: upgrade:create-latest-tag-bundle
- with:
- dep_commands: ./uds run dependencies:create
 - task: setup:k3d-test-cluster
 - task: deploy:test-bundle
 - task: compliance:validate
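Review bot: With the new default `defaultClientScopes: []` in values.yaml, the first hunk still emits the `defaultClientScopes:` key but no items, so the client in this block renders the field as null instead of omitting it. Whether the Package CRD rejects or prunes that null is not visible here. Moving the key inside the guard avoids the question: put `defaultClientScopes:` on the line after `{{- if .Values.sso.defaultClientScopes }}`. The items are also interpolated as `- "{{ . }}"`, here and in the second hunk, which yields broken or altered YAML if a value contains a double quote or backslash; `- {{ . | quote }}` is the safer form.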
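Review bot: In the SAML block of the second hunk, a non-empty `sso.defaultClientScopes` replaces the four built-in mappers instead of extending them, so an operator who adds one scope silently drops `mapper-saml-grouplist-groups` along with the others. The `requiredGroups` and `adminGroups` settings in values.yaml presumably depend on the group list reaching GitLab, so losing that mapper could change who is admitted or treated as admin; that dependency is inferred, not shown in this hunk. Consider a template comment above the `else` branch such as `{{- /* an override replaces the defaults below; keep mapper-saml-grouplist-groups when requiredGroups/adminGroups are set */}}`, or appending the override to the defaults rather than substituting it.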
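Review bot: The new `defaultClientScopes` key in values.yaml sits under the existing note that the following settings only apply when using `saml`, but the first hunk of uds-package.yaml reads the same value in what appears to be the OIDC client block, so the placement misdescribes its scope. The added comment also does not say which list is replaced or what an empty list means. Suggested wording: `# Overrides (does not extend) the SSO client's default scopes, for oidc as well as saml; when empty, the saml client keeps its built-in mapper-saml-* scopes.`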