diff --git a/charts/groombook/templates/_helpers.tpl b/charts/groombook/templates/_helpers.tpl index 9c97648..93f19ad 100644 --- a/charts/groombook/templates/_helpers.tpl +++ b/charts/groombook/templates/_helpers.tpl @@ -119,3 +119,10 @@ uri database-url {{- end -}} {{- end }} + +{{/* +Auth secret name — always use groombook-auth (sealed secret name) +*/}} +{{- define "groombook.authSecretName" -}} +{{- printf "%s" "groombook-auth" }} +{{- end }} diff --git a/charts/groombook/templates/api-deployment.yaml b/charts/groombook/templates/api-deployment.yaml index aaee7b0..6283210 100644 --- a/charts/groombook/templates/api-deployment.yaml +++ b/charts/groombook/templates/api-deployment.yaml @@ -50,6 +50,27 @@ spec: - name: OIDC_AUDIENCE value: {{ .Values.api.env.oidcAudience | quote }} {{- end }} + {{- if .Values.api.env.internalBaseUrl }} + - name: OIDC_INTERNAL_BASE + value: {{ .Values.api.env.internalBaseUrl | quote }} + {{- end }} + - name: BETTER_AUTH_URL + value: {{ .Values.api.env.betterAuthUrl | quote }} + - name: OIDC_CLIENT_ID + valueFrom: + secretKeyRef: + name: {{ include "groombook.authSecretName" . }} + key: OIDC_CLIENT_ID + - name: OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "groombook.authSecretName" . }} + key: OIDC_CLIENT_SECRET + - name: BETTER_AUTH_SECRET + valueFrom: + secretKeyRef: + name: {{ include "groombook.authSecretName" . }} + key: BETTER_AUTH_SECRET - name: DATABASE_URL valueFrom: secretKeyRef: diff --git a/charts/groombook/values.yaml b/charts/groombook/values.yaml index 5f888a5..0e85682 100644 --- a/charts/groombook/values.yaml +++ b/charts/groombook/values.yaml @@ -18,6 +18,8 @@ api: corsOrigin: "" oidcIssuer: "" oidcAudience: groombook + betterAuthUrl: "" + internalBaseUrl: "" port: "3000" service: type: ClusterIP