Install
Helm/Helmfile block sample with OIDC.
---
environments:
default:
values:
- domain: "kosmos.athea"
---
releases:
- name: jupyterhub-secrets
namespace: kosmos-data
chart: ../../jupyterhub4/jupyterhub-secrets
wait: true
labels:
app: jupyterhub4
- name: keycloakimporter-jupyterhub
namespace: kosmos-iam
labels:
app: jupyterhub4
needs:
- kosmos-data/jupyterhub-secrets
chart: ../../keycloakimporter/keycloakimporter
values:
- values_templates/jupyterhub/import-client-jupyterhub.yaml.gotmpl
- name: jupyterhub
namespace: kosmos-data
chart: ../../jupyterhub4/jupyterhub
wait: true
skipDeps: true
labels:
app: jupyterhub4
needs:
- kosmos-iam/keycloakimporter-jupyterhub
- kosmos-data/jupyterhub-secrets
values:
- ../../jupyterhub4/values.yaml
- ingress:
hosts:
- jupyterhub.{{ .StateValues.domain }}
tls:
- hosts:
- jupyterhub.{{ .StateValues.domain }}
secretName: jupyterhub-cert
- hub:
cookieSecret: ref+k8s://v1/Secret/kosmos-data/jupyterhub-oidc-secret/cookieSecret
config:
GenericOAuthenticator:
client_secret: ref+k8s://v1/Secret/kosmos-data/jupyterhub-oidc-secret/clientSecret
oauth_callback_url: https://jupyterhub.{{ .StateValues.domain }}/hub/oauth_callback
authorize_url: https://auth.{{ .StateValues.domain }}/realms/kosmos/protocol/openid-connect/auth
token_url: https://auth.{{ .StateValues.domain }}/realms/kosmos/protocol/openid-connect/token
userdata_url: https://auth.{{ .StateValues.domain }}/realms/kosmos/protocol/openid-connect/userinfo
allowed_groups:
- dataing
admin_groups:
- adminsysteme
- adminsecurite
- admininfra