Dex Config Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/v0.39.2/config/schemas/config.yaml#/properties/dex
Configure Dex, the federated OIDC Identity Provider.
Note
Dex is installed in the service cluster, so this configuration mainly applies there.
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object
(Dex Config)
PROPERTIES:
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
replicaCount | number |
Optional | cannot be null | Compliant Kubernetes Apps Config |
subdomain | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
additionalKubeloginRedirects | array |
Optional | cannot be null | Compliant Kubernetes Apps Config |
enableStaticLogin | boolean |
Optional | cannot be null | Compliant Kubernetes Apps Config |
expiry | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
object |
Optional | cannot be null | Compliant Kubernetes Apps Config | |
serviceMonitor | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
resources | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
tolerations | array |
Optional | cannot be null | Compliant Kubernetes Apps Config |
topologySpreadConstraints | array |
Optional | cannot be null | Compliant Kubernetes Apps Config |
nodeSelector | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
affinity | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
replicaCount¶
replicaCount
-
is optional
-
Type:
number
(Dex Replicas) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
number
(Dex Replicas)
DEFAULTS:
The default value is:
2
subdomain¶
Subdomain of baseDomain
that the Ingress to Dex will be created with.
Note
Must be set for both service and workload clusters.
subdomain
-
is optional
-
Type:
string
(Dex Subdomain) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Dex Subdomain)
DEFAULTS:
The default value is:
"dex"
additionalKubeloginRedirects¶
Configure Dex with additional Kubelogin redirects.
additionalKubeloginRedirects
-
is optional
-
Type:
string[]
(Dex Kubelogin Redirect) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string[]
(Dex Kubelogin Redirect)
enableStaticLogin¶
Configure Dex with a static password login admin@example.com
.
enableStaticLogin
-
is optional
-
Type:
boolean
(Dex Static Login) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Dex Static Login)
DEFAULTS:
The default value is:
true
expiry¶
Configure expiry when authenticating with Dex.
expiry
-
is optional
-
Type:
object
(Dex Expiry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Dex Expiry)
google¶
Configure Dex with specific options when using the Google connector.
google
-
is optional
-
Type:
object
(Dex Google Config) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Dex Google Config)
serviceMonitor¶
Configure the Service Monitor collecting metrics from Dex.
serviceMonitor
-
is optional
-
Type:
object
(Dex Service Monitor) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Dex Service Monitor)
resources¶
Resource requests are used by the kube-scheduler to pick a node to schedule pods on.
Limits are enforced. Resources are commonly 'cpu' and 'memory'.
resources
-
is optional
-
Type:
object
(Kubernetes Resource Requirements) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Kubernetes Resource Requirements)
EXAMPLES:
requests:
memory: 128Mi
cpu: 100m
limits:
memory: 256Mi
cpu: 250m
tolerations¶
Kubernetes Tolerations
Kubernetes taint and toleration
tolerations
-
is optional
-
Type: an array of merged types (Details)
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
an array of merged types (Details)
topologySpreadConstraints¶
TopologySpreadConstraints describes how pods should spread across topology domains.
topologySpreadConstraints
-
is optional
-
Type: an array of merged types (Details)
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
an array of merged types (Details)
nodeSelector¶
Kubernetes node selector
nodeSelector
-
is optional
-
Type:
object
(Kubernetes Node Selector) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Kubernetes Node Selector)
EXAMPLES:
kubernetes.io/os: linux
affinity¶
Affinity is a group of affinity scheduling rules.
affinity
-
is optional
-
Type:
object
(Affinity) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Affinity)
Return to the root config schema
Generated Thu Nov 14 16:14:40 UTC 2024 from elastisys/compliantkubernetes-apps@v0.39.2