From cfa7bd8198507c15e4dbd118e0054cbc98ecbeef Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Tue, 16 Dec 2025 20:13:52 -0300
Subject: [PATCH] fix: jenkins casc OIDC using explicit endpoints

---
 services/jenkins/helmrelease.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/services/jenkins/helmrelease.yaml b/services/jenkins/helmrelease.yaml
index 9d2e450..ac6b8b6 100644
--- a/services/jenkins/helmrelease.yaml
+++ b/services/jenkins/helmrelease.yaml
@@ -136,8 +136,10 @@ spec:
                 oic:
                   clientId: "${OIDC_CLIENT_ID}"
                   clientSecret: "${OIDC_CLIENT_SECRET}"
-                  wellKnownOpenIDConfigurationUrl: "${OIDC_ISSUER}/.well-known/openid-configuration"
-                  scopes: "openid profile email"
+                  tokenServerUrl: "${OIDC_TOKEN_URL}"
+                  authorizationServerUrl: "${OIDC_AUTH_URL}"
+                  userInfoServerUrl: "${OIDC_USERINFO_URL}"
+                  logoutUrl: "${OIDC_LOGOUT_URL}"
                   userNameField: "preferred_username"
                   fullNameFieldName: "name"
                   emailFieldName: "email"