This is the supporting code for the tutorial series A Comprehensive Guide to SSO on Kubernetes.
Some of the highlights this series explains how to do are:
- Login to the
kubectlcli using SSO credentials via the browser - Replace basic auth ingress annotations with equally simple but much more secure SSO annotations
- Push and pull to a secure private docker registry with full ACL
charts/: Charts which are currently only available as part of the deprecatedstablehelm repository. Any charts in this directory remain subject to the licenses in the original repos, Apache 2.0 at time of writing. As these charts become available elsewhere, they'll be removed when the tutorial series is updated.docker-registry/: The example helm values file for configuring the basic docker registry chartgitea/: The example helm values file for configuring giteagroup-auth/: An example cluster role binding definition for configuring a specific SSO group to automatically have cluster admin accessharbor/: The example helm values file for configuring harborjwt-ruby-example/: An example ruby application showing how to decode JSON Web Tokenskeycloak/: The example helm values file for configuring Keycloakkube-oidc-proxy/: The example helm values for for configuring Kube OIDC Proxykubelogin/: An example KUBECONFIG file for use with kubelogin and kube oidc proxynginx-demo-app/: An example helm values file for deploying Nginx with ingress annotations which delegate authentication to Keycloak via OIDC and demonstrate passing the JWT throughoauth2-proxy/: An example helm values file foroauth2-proxywhich provides the underlying endpoints needed for nginx to delegate auth to Keycloakopenldap/: An example helm values file for installing and configuring openldap