website/docs: Update ArgoCD integration docs. #9684
Conversation
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for authentik-storybook canceled.
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #9684 +/- ##
==========================================
- Coverage 92.39% 92.36% -0.03%
==========================================
Files 704 704
Lines 34401 34403 +2
==========================================
- Hits 31785 31778 -7
- Misses 2616 2625 +9
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Thanks so much for this contribution @Gunsmithy ! I made a rather nit-picky request, sorry and please. :-)
| @@ -69,16 +132,25 @@ In the `argocd-secret` Secret, add the following value to the `data` field: | |||
| dex.authentik.clientSecret: <base 64 encoded value of the Client Secret from the Provider above> | |||
| ``` | |||
|
|
|||
| If using helm, the above can be added to `configs.secret.extra` like so, securely substituting the string however you see fit: | |||
There was a problem hiding this comment.
| If using helm, the above can be added to `configs.secret.extra` like so, securely substituting the string however you see fit: | |
| If using Helm, the above can be added to `configs.secret.extra` as shown below, securely substituting the string however you see fit: |
There was a problem hiding this comment.
I'd like to further edit this, to identify/qualify and be very specific on what "the above <?>" is... Can we say
"If using Helm, the above string/line/definition/? can be added to a configs.secret.extra section in the <??> file, as shown below, securely substituting the string however you see fit:"
These are nits (well not the capitalization, that's important), but for new users, it's always nice to be a bit pedantic, and say where (in what file) we are talking about.
There was a problem hiding this comment.
Amended, see what you think!
| } | ||
|
|
||
| data "authentik_scope_mapping" "scope-email" { | ||
| name = "authentik default OAuth Mapping: OpenID 'email'" |
There was a problem hiding this comment.
you could do something like this here:
data "authentik_scope_mapping" "test" {
managed_list = [
"goauthentik.io/providers/oauth2/scope-email",
"goauthentik.io/providers/oauth2/scope-openid",
"goauthentik.io/providers/oauth2/scope-profile",
]
}
and then use data.authentik_scope_mapping.test.ids down below
There was a problem hiding this comment.
Clean! I didn't realize there was a data source for these. I can make that change. I can make it on the Grafana one as well in this same PR if desired as I lifted this method from there.
There was a problem hiding this comment.
"goauthentik.io/providers/oauth2/scope-profile",
Details
Updated the ArgoCD integration documentation, primarly to add an example Terraform implementation similar to the one found in the Grafana integration docs. (Lost some time to the lack of this since I didn't know the UI defaults to having the email, openid and profile scopes when creating a new provider.)
Added an extra pointer for how to modify the ArgoCD secret when deployed with Helm, and how to add Readonly users to Argo.
Also made the opinionated change of replacing most HTTP schemes with HTTPS where they should realistically be used. :)
Checklist
ak test authentik/)make lint-fix)If an API change has been made
make gen-build)If changes to the frontend have been made
make web)If applicable
make website)