auth-proxy: verify group membership (#105)
* auth-proxy: verify group membership
* memberships: install memberships app and use it in few apps
* app-repo: render auth
* installer: always use external dependencies option in app configs
* installer: fix auth handling
* auth-proxy: configure membership-addr and groups flags in helm chart
* installer: fix indentation
* app-manager: fix how auth block is rendered
---------
Co-authored-by: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>
diff --git a/charts/auth-proxy/templates/install.yaml b/charts/auth-proxy/templates/install.yaml
index 63310c6..bcc3a15 100644
--- a/charts/auth-proxy/templates/install.yaml
+++ b/charts/auth-proxy/templates/install.yaml
@@ -41,4 +41,6 @@
- --port=8080
- --whoami-addr={{ .Values.whoAmIAddr }}
- --login-addr={{ .Values.loginAddr }}
+ - --membership-addr={{ .Values.membershipAddr }}
+ - --groups={{ .Values.groups }}
- --upstream={{ .Values.upstream }}
diff --git a/charts/auth-proxy/values.yaml b/charts/auth-proxy/values.yaml
index 9f61b34..15788e6 100644
--- a/charts/auth-proxy/values.yaml
+++ b/charts/auth-proxy/values.yaml
@@ -5,4 +5,6 @@
upstream: bar.svc.cluster.local
whoAmIAddr: https://accounts.example.com/sessions/whoami
loginAddr: https://accounts-ui.example.com/login
+membershipAddr: https://memberships.p.example.com/api/user
+groups: ""
portName: http