Skip to content

Commit

Permalink
add backend keycloak client secret
Browse files Browse the repository at this point in the history
  • Loading branch information
@theosanderson
theosanderson committed Apr 28, 2024
1 parent 82425b4 commit e994398
Show file tree
Hide file tree
Showing 5 changed files with 14 additions and 4 deletions.
5 changes: 5 additions & 0 deletions kubernetes/loculus/templates/_config-processor.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,11 @@
secretKeyRef:
name: smtp-password
key: secretKey
- name: LOCULUSSUB_backendKeycloakClientSecret
valueFrom:
secretKeyRef:
name: backend-keycloak-client-secret
key: backendKeycloakClientSecret
{{- end }}


Expand Down
3 changes: 2 additions & 1 deletion kubernetes/loculus/templates/loculus-website-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,8 @@ data:
},
"public": {
{{- template "loculus.publicRuntimeConfig" dict "Values" .Values "externalLapisUrlConfig" $externalLapisUrlConfig -}}
}
},
"backendKeycloakClientSecret" : "[[backendKeycloakClientSecret]]"
}
Expand Down
4 changes: 2 additions & 2 deletions kubernetes/loculus/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -935,10 +935,10 @@ secrets:
type: sealed
data:
apikey: somesecurekey
- name: keycloak-client-secret
- name: backend-keycloak-client-secret
type: autogen
data:
clientSecret: "secret"
backendKeycloakClientSecret: ""
additionalHeadHTML: '<script defer data-domain="main.loculus.org" src="https://plausible.io/js/script.js"></script>'
bannerMessage: "This is a development environment. Data will not be persisted."

1 change: 1 addition & 0 deletions website/src/types/runtimeConfig.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,5 +19,6 @@ export const serverConfig = serviceUrls.merge(
export const runtimeConfig = z.object({
public: serviceUrls,
serverSide: serverConfig,
backendKeycloakClientSecret: z.string(),
});
export type RuntimeConfig = z.infer<typeof runtimeConfig>;
5 changes: 4 additions & 1 deletion website/src/utils/clientMetadata.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
// TODO: #1337 Move to config
import { getRuntimeConfig } from "../config";
const runtimeConfig = getRuntimeConfig();

export const clientMetadata = {
client_id: 'backend-client',
response_types: ['code', 'id_token'],
client_secret: 'someSecret',
client_secret: runtimeConfig.backendKeycloakClientSecret,
public: true,
};

0 comments on commit e994398

Please sign in to comment.