github/wonderwall
1
0
Fork 0
mirror of https://github.com/nais/wonderwall.git synced 2026-02-14 17:49:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,249 Commits 2 Branches 0 Tags
master
Commit Graph

63 Commits

Author SHA1 Message Date
Trong Huu Nguyen
639893224f charts: add dependency to reloader 2026-01-19 08:32:54 +01:00
Trong Huu Nguyen
5febe7c766 feat: remove support for legacy cookie 2025-12-03 13:54:11 +01:00
Terje Sannum
0d2fe65b4d allow scraping from alloy 2025-11-04 13:22:24 +01:00
Trong Huu Nguyen
4e536328cf refactor(charts): use checksum annotation instead of relying on reloader 2025-07-04 09:59:10 +02:00
Trong Huu Nguyen
fa70c6f878 refactor(charts): move non-secret configuration to deployment 
Also converts secrets to use data instead of stringData to avoid stale
keys being kept, due to server-side apply merging stringData with
existing data instead of overwriting (i.e. removing unset keys).
 2025-07-04 09:57:35 +02:00
Trong Huu Nguyen
17a4683c4f fix(charts): set valkey connection idle timeout for forward-auth 2025-07-01 14:45:56 +02:00
Trong Huu Nguyen
f562f6479a feat(charts): replace in-cluster valkey with aiven valkey 2025-07-01 14:03:02 +02:00
Trong Huu Nguyen
ca6f2f9ea3 feat(charts): disable session inactivity for forward-auth 2025-07-01 14:02:34 +02:00
Trong Huu Nguyen
0a25ec2331 charts: set otel variables for tracing 2025-05-28 11:00:13 +02:00
Trong Huu Nguyen
722c382944 charts: set tenant variable for dashboard url 2025-05-28 10:52:33 +02:00
Trong Huu Nguyen
5c091c5965 charts: add monitoring for wonderwall-forward-auth 2025-05-28 10:02:22 +02:00
Trong Huu Nguyen
798ba7d38b charts: set additional scopes for forward-auth 2025-05-23 09:28:36 +02:00
Trong Huu Nguyen
b21068f522 feat: set response headers for forward-auth behind feature flag 2025-05-22 09:04:58 +02:00
Trong Huu Nguyen
18a3c2cf96 charts: add scopes for forward-auth 2025-05-22 09:04:06 +02:00
Thomas Krampl
79c1ed23f9 wonderwall-forward-auth: Set checksum as annotation 
Co-authored-by: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
 2025-05-21 14:44:22 +02:00
Thomas Krampl
023061b496 wonderwall-forward-auth: restart deployment when secret changes 
Co-authored-by: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
 2025-05-21 14:34:26 +02:00
Thomas Krampl
332f39aba9 wonderwall-forward-auth: add zitadel project id as aud 
Co-authored-by: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
 2025-05-21 14:07:12 +02:00
Trong Huu Nguyen
733901ecdf charts: add missing network policies 
Co-Authored-By: Thomas Siegfried Krampl <thomas.siegfried.krampl@nav.no>
 2025-05-21 11:17:52 +02:00
Trong Huu Nguyen
a59a37e0bd charts: correct template for default redirect URL 
Co-Authored-By: Thomas Siegfried Krampl <thomas.siegfried.krampl@nav.no>
 2025-05-21 11:03:51 +02:00
Trong Huu Nguyen
14b1247f4a charts: add missing source for forward-auth 
Co-Authored-By: Thomas Siegfried Krampl <thomas.siegfried.krampl@nav.no>
 2025-05-21 10:52:23 +02:00
Trong Huu Nguyen
53dc9d9f40 charts: add wonderwall-forward-auth 
Co-Authored-By: Thomas Siegfried Krampl <thomas.siegfried.krampl@nav.no>
 2025-05-21 10:38:27 +02:00
Sten Røkke
de424d9e7b fix: excluding postgres namespaces from replication config 2025-05-21 09:59:33 +02:00
Trong Huu Nguyen
c08bdb2769 charts: add missing dependency to mutilator 2025-03-03 08:25:45 +01:00
Trong Huu Nguyen
75a567e631 charts: replace aiven redis with valkey 2025-02-27 20:28:47 +01:00
Trong Huu Nguyen
c77a7517a2 charts: set helm resource policy for redis 2025-02-26 09:27:32 +01:00
Trong Huu Nguyen
90bbc44723 feat(charts): enable otel by default 2025-02-04 19:13:19 +01:00
Trong Huu Nguyen
63b40b2cea feat(charts): set correct otel collector endpoint 
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
 2025-02-03 13:04:02 +01:00
Trong Huu Nguyen
055c62db97 feat(charts): configure otel endpoint, remove unused otel variables 
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
 2025-02-03 11:02:32 +01:00
Trong Huu Nguyen
2b46bdae90 fix(charts): redis variables depend on aiven resource name 2025-01-31 08:02:53 +01:00
Trong Huu Nguyen
11fa757bfb chart: add otel.enable config to fasit feature 
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
 2025-01-30 14:18:20 +01:00
Trong Huu Nguyen
60f2ad839f chart: add feature toggle for otel 
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
 2025-01-30 14:03:41 +01:00
Trong Huu Nguyen
c1d59e3bdc chart: enable generic openid provider by default 
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
 2025-01-24 12:43:39 +01:00
Trong Huu Nguyen
a29cc3046d chart: enable forward-auth endpoint with inactivity timeout 2025-01-17 10:26:54 +01:00
Trong Huu Nguyen
e3fb0cc888 chart: remove obsolete session refresh flags 2025-01-17 10:26:20 +01:00
Trong Huu Nguyen
01a256c972 charts: add alert rule for forward-auth, links to dashboard 2025-01-14 08:36:26 +01:00
Trong Huu Nguyen
381ca1d21d chart: add resource suffix to idportenclient 2024-11-14 16:47:29 +01:00
Trong Huu Nguyen
f60cf79da6 chart: add resourceSuffix value 
Hack for resources that may conflict in parallel environments.
 2024-11-14 16:20:24 +01:00
Trong Huu Nguyen
0751d1877a chart: remove requirement for bool configs 2024-11-06 09:47:39 +01:00
Trong Huu Nguyen
3cae769d87 chart: require all provider toggles 2024-11-05 08:39:42 +01:00
Trong Huu Nguyen
bd33d2d5cd chart: set azure and idporten to false by default 2024-10-09 08:58:50 +02:00
Trong Huu Nguyen
54c24db4ed chart: support well-known url config for openid 2024-10-03 14:16:15 +02:00
Trong Huu Nguyen
f5d2f6615e chart: add toggle for openid 
Co-authored-by: Morten Lied Johansen <morten.lied.johansen@nav.no>
 2024-09-11 13:03:12 +02:00
Trong Huu Nguyen
16ccb3a6be feat(config): add explicit toggle for legacy cookies 2024-06-26 12:20:05 +02:00
Trong Huu Nguyen
9ff6d91f2f chart: set samesite for forward-auth 
This sets the `SameSite` cookie attribute to `None` for the
forward-auth deployment.

We do this to prevent redirect loops when upstream services
handle their own authentication flow (e.g. using SAML) where the
callback request from the identity provider is an HTTP POST.

Such requests are by definition cross-site. The default `SameSite`
value of `Lax` results in the session cookie not being included.
This essentially means that the user is considered unauthenticated by
the forward-auth service when the callback request is processed.
 2024-04-24 15:06:58 +02:00
Trong Huu Nguyen
8f33328bc3 chart: add additional group ids config for forward-auth 2024-04-24 09:50:58 +02:00
Trong Huu Nguyen
362cca11ce chart: correct reference to toggle 2024-04-05 13:36:26 +02:00
Trong Huu Nguyen
4ee14834a4 chart: require sso domain 2024-04-05 13:25:21 +02:00
Trong Huu Nguyen
e9db143882 chart: rename idporten-specific templates 2024-04-05 13:16:07 +02:00
Trong Huu Nguyen
9132361a52 chart: add missing hpa and pdb for forwardauth, move related keys to separate stanza 2024-04-05 13:15:59 +02:00
Trong Huu Nguyen
47f2d219de chart: disable global auth for forwardAuth ingress 2024-04-04 12:04:15 +02:00