Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MOSIP-39656] added google client secret as env variables #587

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

[MOSIP-39656] added google client secret as env variables #587

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e2d8ad6
[MOSIP-39656] added google client secret as env variables
ckm007 Feb 11, 2025
c7584c9
[MOSIP-39656] Rename serets.yaml to secrets.yaml
ckm007 Feb 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 21 additions & 3 deletions deploy/mimoto/install.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,10 @@ function installing_mimoto() {
echo "Do you have public domain & valid SSL? (Y/n) "
echo "Y: if you have public domain & valid ssl certificate"
echo "n: If you don't have a public domain and a valid SSL certificate. Note: It is recommended to use this option only in development environments."
read -p "" flag
read -p -r "" flag

if [ -z "$flag" ]; then
echo "'flag' was provided; EXITING;"
echo "'flag' was not provided; EXITING;"
exit 1;
fi
ENABLE_INSECURE=''
Expand All @@ -55,8 +55,26 @@ function installing_mimoto() {
kubectl -n config-server rollout restart deployment config-server
kubectl -n config-server rollout status deployment config-server

echo "Please share relevant google client id ">
read -p -r "" clientId

if [ -z "$clientId" ]; then
echo "'clientId' was not provided; EXITING;"
exit 1;
fi
echo "Please share relevant google secret key"
read -p -r "" secretKey

if [ -z "$secretKey" ]; then
echo "'secretKey' was not provided; EXITING;"
exit 1;
fi


echo Installing mimoto
helm -n $NS install mimoto mosip/mimoto --version $MIMOTO_CHART_VERSION $ENABLE_INSECURE
helm -n $NS install mimoto mosip/mimoto --version $MIMOTO_CHART_VERSION $ENABLE_INSECURE \
--set mimoto.secrets.googleClient.MOSIP_INJIWEB_GOOGLE_CLIENT_ID="$clientId" \
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of MOSIP_INJIWEB_GOOGLE_CLIENT_ID, can we use just MOSIP_INJI_GOOGLE_CLIENT_ID as it will be applicable for both wallets

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@swatigoel For mobile and injiweb we can have separate google client id and secret, considering origin and redirect uri will be different

--set mimoto.secrets.googleClient.MOSIP_INJIWEB_GOOGLE_CLIENT_SECRET="$secretKey"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of MOSIP_INJIWEB_GOOGLE_CLIENT_SECRET, can we use just MOSIP_INJI_GOOGLE_CLIENT_SECRET as it will be applicable for both wallets


kubectl -n $NS get deploy -o name | xargs -n1 -t kubectl -n $NS rollout status

Expand Down
19 changes: 0 additions & 19 deletions helm/mimoto/templates/clusterrolebinding.yaml
View file
Open in desktop

This file was deleted.

24 changes: 24 additions & 0 deletions helm/mimoto/templates/secrets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{{- if .Values.mimoto.secrets }}
{{- range $secret_name, $secret_value := .Values.mimoto.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ $secret_name }}
namespace: {{ $.Release.Namespace }}
labels:
{{- include "common.labels.standard" $ | nindent 4 }}
{{- if $.Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if $.Values.commonAnnotations }}
annotations:
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{- range $key, $value := $secret_value }}
{{ $key }}: {{ $value | b64enc | quote }}
{{- end }}
---
{{- end }}
{{- end }}
9 changes: 8 additions & 1 deletion helm/mimoto/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,8 @@ extraEnvVarsCM:

## Secret with extra environment variables
##
extraEnvVarsSecret: []
extraEnvVarsSecret:
- googleClient

## Extra volumes to add to the deployment
##
Expand Down Expand Up @@ -468,3 +469,9 @@ volumes:
mimotooidc:
key: oidckeystore.p12
path: /home/mosip/certs

mimoto:
secrets:
googleClient:
MOSIP_INJIWEB_GOOGLE_CLIENT_ID: "your-app-google-client-id"
MOSIP_INJIWEB_GOOGLE_CLIENT_SECRET: "your-app-google-client-secret"