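---
# kind cluster definition: one control-plane node and one worker node.
# Nesting restored: extraPortMappings belongs to the control-plane node entry,
# and each mapping's fields belong to its own list item.
kind: Cluster
name: oidc
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
  - role: control-plane
    # Publishes node ports 30000/30001 on host ports 80/443.
    # NOTE(review): presumably these are the ingress NodePorts; confirm
    # against the ingress service manifest.
    extraPortMappings:
      - containerPort: 30000
        hostPort: 80
        # "0.0.0.0" binds on every host interface, so the port is reachable
        # from any network the host is attached to. Use "127.0.0.1" when the
        # cluster only has to be reached from this machine.
        listenAddress: "0.0.0.0"
        protocol: tcp
      - containerPort: 30001
        hostPort: 443
        # Same exposure consideration as the port 80 mapping above.
        listenAddress: "0.0.0.0"
        protocol: tcp
  - role: worker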
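# Create the cluster from the kind configuration file.
kind create cluster --config kind-cluster-config.yaml

# Namespace that receives the github-client secret below.
kubectl create namespace dex

# GitHub OAuth application credentials, taken from the environment.
# "${VAR:?}" aborts the command when the variable is unset or empty, instead
# of silently storing an empty credential; the quotes keep the value intact
# if it contains whitespace or glob characters.
# Note: --from-literal places the expanded value in kubectl's argument list,
# which other local users may be able to see in the process table.
kubectl create secret generic github-client \
  --namespace=dex \
  --from-literal=client-id="${GITHUB_CLIENT_ID:?set GITHUB_CLIENT_ID}" \
  --from-literal=client-secret="${GITHUB_CLIENT_SECRET:?set GITHUB_CLIENT_SECRET}"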
`clientID` and `clientSecret` are defined in `clusters/kind/dex/helm_release.yaml`.
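kubectl create namespace flux-system

# OIDC settings for the weave-gitops client.
# The client secret is a credential and is read from the environment rather
# than written into the instructions. OIDC_CLIENT_SECRET is a variable name
# chosen for this example; its value must be the secret the issuer has
# registered for the weave-gitops client.
# A client secret that has been published in documentation should be treated
# as compromised and rotated at the issuer.
# "${VAR:?}" aborts the command when the variable is unset or empty.
kubectl create secret generic oidc-auth \
  --namespace flux-system \
  --from-literal=issuerURL=https://dex.gitops.efertone.me \
  --from-literal=clientID=weave-gitops \
  --from-literal=clientSecret="${OIDC_CLIENT_SECRET:?set OIDC_CLIENT_SECRET}" \
  --from-literal=redirectURL=https://ui.gitops.efertone.me/oauth2/callback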
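# Bootstrap Flux into the cluster from the gitops-config repository.
# The leading prompt glyph is dropped so the command can be pasted as-is.
# flux reads the GitHub personal access token from the GITHUB_TOKEN
# environment variable; keep that token out of shell history and give it
# only the access this repository needs.
# "${VAR:?}" aborts the command when GITHUB_USER is unset or empty.
flux bootstrap github \
  --owner="${GITHUB_USER:?set GITHUB_USER}" \
  --repository=gitops-config \
  --branch=main \
  --path=./clusters/kind \
  --personal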
(The cluster issuer can't be created before cert-manager is installed.)
# Apply the cluster issuer manifest; this only works once cert-manager is
# installed in the cluster.
kubectl apply --filename=clusters/kind/cert-manager/cluster_issuer.yaml