apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: passbook-gatekeeper
name: passbook-gatekeeper
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
template:
containers:
- args:
- --upstream=file:///dev/null
env:
- name: OAUTH2_PROXY_CLIENT_ID
value: {{ provider.client.client_id }}
- name: OAUTH2_PROXY_CLIENT_SECRET
value: {{ provider.client.client_secret }}
- name: OAUTH2_PROXY_COOKIE_SECRET
value: {{ cookie_secret }}
image: beryju/passbook-gatekeeper:{{ version }}
imagePullPolicy: Always
ports:
- containerPort: 4180
protocol: TCP
---
apiVersion: v1
kind: Service
- name: http
port: 4180
targetPort: 4180
apiVersion: extensions/v1beta1
kind: Ingress
rules:
- host: {{ provider.external_host }}
http:
paths:
- backend:
serviceName: passbook-gatekeeper
servicePort: 4180
path: /oauth2