Make kube-apiserver oidc flags configurable #84
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
closes: #75
Marked as draft because there are still TODO's left. But i wanted to commit what i have so far to get feedback.
I created an object
oidc_config
to group all relevant flags for better readability and because of a 'dependency'. The usage of OIDC in itself is optional, but if it is used, theoidc-issuer-url
andoidc-client-id
are required. This is the reason why i build the variable object and it's corresponding patch like this and i would love some feedback if there is a better way.Besides the two mentioned flags, all the other flags are optional. The question would be if we want them not to be used if omitted, or if we use sensible defaults.
And another open TODO are the descriptions. The question here is if we want to adopt the upstream docs (relatively much text) or think of something own.
A minimal config would look like this right now, while every option not provided will be set to the default value.
I tested the patching of values which is working already. But i could not do an actual "real world" test yet (cc @jschoone).
TODO's: