Merge pull request #4255 from cloudfoundry/helm-chart-uaa

Fix uaa docs. Make UAA endpoint config simpler
cloudfoundry · May 6, 2020 · f553668 · f553668
2 parents 8bd2110 + bc6b421
commit f553668
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 14 deletions.
diff --git a/deploy/kubernetes/console/README.md b/deploy/kubernetes/console/README.md
@@ -22,9 +22,11 @@ Check the repository was successfully added by searching for the `console`, for
 ```
 helm search console
 NAME               	CHART VERSION   APP VERSION	DESCRIPTION                                  
-stratos/console    	3.0.0           3.0.0      	A Helm chart for deploying Stratos UI Console
+stratos/console    	3.1.0           3.1.0      	A Helm chart for deploying Stratos UI Console
 ```
 
+> Note: Version numbers will depend on the version of Stratos available from the Helm repository
+
 > Note: Commands shown in this document are for Helm version 3. For Helm version 2, when installing, instead of supplying the name via the `--name` flag, it is supplied as the first argument, before the chart name.
 
 To install Stratos:
@@ -85,13 +87,11 @@ The following table lists the configurable parameters of the Stratos Helm chart
 |console.mariadb.host|Hostname of the database when using an external db||
 |console.mariadb.port|Port of the database when using an external db|3306|
 |console.mariadb.tls|TLS mode when connecting to database (true, false, skip-verify, preferred)|false|
-|console.uaa.protocol|Protocol to use when authenticating with the UAA|https://|
-|console.uaa.host|Host of the UAA to authenticate with ||
-|console.uaa.port|Port of the UAA to authenticate with ||
-|console.uaa.consoleClient|Client to use when authenticating with the UAA|cf|
-|console.uaa.consoleClientSecret|Client secret to use when authenticating with the UAA||
-|console.uaa.consoleAdminIdentifier|Scope that identifies an admin user of Stratos (e.g. cloud_controller.admin||
-|console.uaa.skipSSLValidation|Skip SSL validation when when authenticating with the UAA|false|
+|uaa.endpoint|URL of the UAA endpoint to authenticate with ||
+|uaa.consoleClient|Client to use when authenticating with the UAA|cf|
+|uaa.consoleClientSecret|Client secret to use when authenticating with the UAA||
+|uaa.consoleAdminIdentifier|Scope that identifies an admin user of Stratos (e.g. cloud_controller.admin||
+|uaa.skipSSLValidation|Skip SSL validation when when authenticating with the UAA|false|
 |env.SMTP_AUTH|Authenticate against the SMTP server using AUTH command when Sending User Invite emails|false|
 |env.SMTP_FROM_ADDRESS|From email address to use when Sending User Invite emails||
 |env.SMTP_USER|User name to use for authentication when Sending User Invite emails||
@@ -280,6 +280,7 @@ UAA configuration can be specified by providing the following configuration.
 Create a yaml file with the content below and and update according to your environment and save to a file called `uaa-config.yaml`.
 ```
 uaa:
+  url: https://uaa.cf-dev.io:2793
   protocol: https://
   port: 2793
   host: uaa.cf-dev.io
@@ -291,7 +292,6 @@ uaa:
 
 To install Stratos with the above specified configuration:
 
-
 ```
 kubectl create namespace console
 helm install my-console stratos/console --namespace=console -f uaa-config.yaml

diff --git a/deploy/kubernetes/console/templates/deployment.yaml b/deploy/kubernetes/console/templates/deployment.yaml
@@ -184,7 +184,15 @@ spec:
           value: stratos.admin
         {{- else }}
         # UAA
-        {{- if or .Values.env.UAA_HOST .Values.env.DOMAIN }}  
+        # Highest priority setting to use is uaa.endpoint
+        {{- if .Values.uaa.endpoint }}
+        - name: UAA_ENDPOINT 
+          value: {{ .Values.uaa.endpoint | quote }}
+        - name: CONSOLE_ADMIN_SCOPE
+          value: {{ default "cloud_controller.admin" .Values.uaa.consoleAdminIdentifier }}
+        - name: SKIP_SSL_VALIDATION 
+          value: {{default "true" .Values.uaa.skipSSLValidation | quote}}
+        {{- else if or .Values.env.UAA_HOST .Values.env.DOMAIN }}          
         - name: UAA_ENDPOINT 
           value: {{ template "scfUaaEndpoint" . }}
         {{- if and .Values.env.DOMAIN (not .Values.console.autoRegisterCF) }}

diff --git a/deploy/kubernetes/console/values.yaml b/deploy/kubernetes/console/values.yaml
@@ -79,6 +79,7 @@ console:
   tlsSecretName:
 
   # URL of a Cloud Foundry to use for authentication and to auto-register on login
+  # Deprecated
   autoRegisterCF: ~
 
   # Custom annotations to apply to Stateful sets
@@ -142,13 +143,18 @@ mariadb:
     accessMode: ReadWriteOnce
     size: 1Gi
     storageClass:
+
+# UAA configuration
 uaa:
-  protocol: https://
-  port: 
-  host: 
+  # UAA endpoint (e.g. https://uaa.domain:2793)
+  endpoint: ~
+  # Client to use when authenticating (default is 'cf')
   consoleClient: 
+  # Client Secret to use when authenticating (default is '')
   consoleClientSecret: 
-  consoleAdminIdentifier: 
+  # Scope that determines if a user is a Stratos admin
+  consoleAdminIdentifier:
+  # Skip SSL validation when communicating with the UAA
   skipSSLValidation: false
 
 # SCF values compatability