Allow the Dex hostname to be set by integration tests

Co-authored-by: Ryan Richard <richardry@vmware.com>
2026-01-03 11:45:45 +00:00 · 2024-08-30 12:42:03 -05:00
parent f480daf7dc
commit c0bab69cd1
3 changed files with 15 additions and 6 deletions
--- a/test/deploy/tools/cert-issuer.yaml
+++ b/test/deploy/tools/cert-issuer.yaml
@@ -1,4 +1,4 @@
-#! Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
+#! Copyright 2020-2024 the Pinniped contributors. All Rights Reserved.
 #! SPDX-License-Identifier: Apache-2.0

 #@ load("@ytt:data", "data")
@@ -56,6 +56,9 @@ spec:
        image: #@ data.values.cfssl_image
        imagePullPolicy: IfNotPresent
        command: ["/bin/bash"]
+        env:
+        - name: DEX_ISSUER_HOSTNAME
+          value: #@ data.values.dex_issuer_hostname
        args:
        - -c
        - |
@@ -74,8 +77,8 @@ spec:
            -ca ca.pem -ca-key ca-key.pem \
            -config /tmp/cfssl-default.json \
            -profile www \
-            -cn "dex.tools.svc.cluster.local" \
-            -hostname "dex.tools.svc.cluster.local" \
+            -cn "${DEX_ISSUER_HOSTNAME}" \
+            -hostname "${DEX_ISSUER_HOSTNAME}" \
            /tmp/csr.json \
            | cfssljson -bare dex

--- a/test/deploy/tools/dex.yaml
+++ b/test/deploy/tools/dex.yaml
@@ -1,4 +1,4 @@
-#! Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
+#! Copyright 2020-2024 the Pinniped contributors. All Rights Reserved.
 #! SPDX-License-Identifier: Apache-2.0

 #@ load("@ytt:data", "data")
@@ -6,7 +6,8 @@
 #@ load("@ytt:yaml", "yaml")

 #@ def dexConfig():
-issuer: https://dex.tools.svc.cluster.local/dex
+#! example: https://dex.tools.svc.cluster.local/dex
+issuer: #@ "https://" + data.values.dex_issuer_hostname + "/dex"
 storage:
  type: sqlite3
  config:
--- a/test/deploy/tools/values.yaml
+++ b/test/deploy/tools/values.yaml
@@ -1,4 +1,4 @@
-#! Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
+#! Copyright 2020-2024 the Pinniped contributors. All Rights Reserved.
 #! SPDX-License-Identifier: Apache-2.0

 #@data/values
@@ -16,6 +16,11 @@ ports:
  #! our Kind configuration which maps 127.0.0.1:12346 to port 31235 on the Kind worker node.
  local: 12346

+
+#! dex_issuer_hostname can be used to provide Dex with a DNS record or IP address for its hostname,
+#! which is used to construct an issuer uri and create a certificate to serve TLS.
+dex_issuer_hostname: dex.tools.svc.cluster.local
+
 #! supervisor_redirect_uris is an array of redirect uris that dex will use for its pinniped-supervisor client.
 #! usage: --data-value-yaml "supervisor_redirect_uris=[some-redirect.com,some-other-redirect.com]"
 supervisor_redirect_uris: []