comms(mas): enable internal admin API
This commit is contained in:
parent
32f1532508
commit
144467dfe2
@ -22,13 +22,18 @@ data:
|
|||||||
- name: internal
|
- name: internal
|
||||||
resources:
|
resources:
|
||||||
- name: health
|
- name: health
|
||||||
|
- name: adminapi
|
||||||
binds:
|
binds:
|
||||||
- host: localhost
|
- address: "0.0.0.0:8081"
|
||||||
port: 8081
|
|
||||||
|
|
||||||
database:
|
database:
|
||||||
uri: "postgresql://mas:@@MAS_DB_PASSWORD@@@postgres-service.postgres.svc.cluster.local:5432/mas?sslmode=prefer"
|
uri: "postgresql://mas:@@MAS_DB_PASSWORD@@@postgres-service.postgres.svc.cluster.local:5432/mas?sslmode=prefer"
|
||||||
|
|
||||||
|
clients:
|
||||||
|
- client_id: 01KDXMVQBQ5JNY6SEJPZW6Z8BM
|
||||||
|
client_auth_method: client_secret_basic
|
||||||
|
client_secret_file: /etc/mas/admin-client/client_secret
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
encryption_file: /etc/mas/secrets/encryption
|
encryption_file: /etc/mas/secrets/encryption
|
||||||
keys:
|
keys:
|
||||||
@ -72,6 +77,8 @@ data:
|
|||||||
|
|
||||||
policy:
|
policy:
|
||||||
data:
|
data:
|
||||||
|
admin_clients:
|
||||||
|
- 01KDXMVQBQ5JNY6SEJPZW6Z8BM
|
||||||
client_registration:
|
client_registration:
|
||||||
allow_insecure_uris: true
|
allow_insecure_uris: true
|
||||||
allow_host_mismatch: true
|
allow_host_mismatch: true
|
||||||
|
|||||||
@ -14,7 +14,7 @@ spec:
|
|||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
checksum/config: v4-bind-1
|
checksum/config: v5-adminapi-1
|
||||||
labels:
|
labels:
|
||||||
app: matrix-authentication-service
|
app: matrix-authentication-service
|
||||||
spec:
|
spec:
|
||||||
@ -80,6 +80,9 @@ spec:
|
|||||||
- name: http
|
- name: http
|
||||||
containerPort: 8080
|
containerPort: 8080
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
- name: internal
|
||||||
|
containerPort: 8081
|
||||||
|
protocol: TCP
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: rendered
|
- name: rendered
|
||||||
mountPath: /rendered
|
mountPath: /rendered
|
||||||
@ -87,6 +90,9 @@ spec:
|
|||||||
- name: secrets
|
- name: secrets
|
||||||
mountPath: /etc/mas/secrets
|
mountPath: /etc/mas/secrets
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- name: admin-client
|
||||||
|
mountPath: /etc/mas/admin-client
|
||||||
|
readOnly: true
|
||||||
- name: keys
|
- name: keys
|
||||||
mountPath: /etc/mas/keys
|
mountPath: /etc/mas/keys
|
||||||
readOnly: true
|
readOnly: true
|
||||||
@ -122,6 +128,12 @@ spec:
|
|||||||
items:
|
items:
|
||||||
- key: rsa_key
|
- key: rsa_key
|
||||||
path: rsa_key
|
path: rsa_key
|
||||||
|
- name: admin-client
|
||||||
|
secret:
|
||||||
|
secretName: mas-admin-client-runtime
|
||||||
|
items:
|
||||||
|
- key: client_secret
|
||||||
|
path: client_secret
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
@ -136,3 +148,7 @@ spec:
|
|||||||
port: 8080
|
port: 8080
|
||||||
targetPort: http
|
targetPort: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
- name: internal
|
||||||
|
port: 8081
|
||||||
|
targetPort: internal
|
||||||
|
protocol: TCP
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user