Merge pull request #40 from opf/feature/oidc-attribute-maps

Allow mapping of OIDC attributes in helm charts
opf · Nov 28, 2023 · a8b6aaa · a8b6aaa
2 parents fa206f6 + 0d233ee
commit a8b6aaa
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/charts/openproject/Chart.yaml b/charts/openproject/Chart.yaml
@@ -6,7 +6,7 @@ home: "https://www.openproject.org/"
 icon: "https://www.openproject.org/assets/images/press/openproject-icon-original-color-41055eb6.png"
 type: "application"
 appVersion: "13"
-version: "2.6.2"
+version: "2.7.0"
 maintainers:
   - name: OpenProject
     url: https://github.com/opf/helm-charts

diff --git a/charts/openproject/templates/secrets.yaml b/charts/openproject/templates/secrets.yaml
@@ -45,8 +45,10 @@ stringData:
   {{ $oidc_prefix }}_USERINFO__ENDPOINT: {{ .Values.openproject.oidc.userinfoEndpoint | quote }}
   {{ $oidc_prefix }}_END__SESSION__ENDPOINT: {{ .Values.openproject.oidc.endSessionEndpoint | quote }}
   {{ $oidc_prefix }}_SCOPE: {{ .Values.openproject.oidc.scope | quote }}
-  # Until https://community.openproject.org/wp/42390 is fixed (probably 12.5) we need the following setting
-  OPENPROJECT_SELF__REGISTRATION: "3"
+  {{- range $key, $value := .Values.openproject.oidc.attribute_map }}
+  {{ $mapping_key := printf "%s_ATTRIBUTE_MAP_%s" $oidc_prefix (upper $key) }}
+  {{ $mapping_key }}: {{ $value | quote }}
+  {{- end }}
   {{- end }}
   {{- if .Values.s3.enabled }}
   OPENPROJECT_ATTACHMENTS__STORAGE: fog

diff --git a/charts/openproject/values.yaml b/charts/openproject/values.yaml
@@ -266,6 +266,8 @@ openproject:
     userinfoEndpoint: ""
     endSessionEndpoint: ""
     scope: "[openid]"
+    # Optional attribute mappings from the id token
+    attribute_map: {}
 
   ## Modify PostgreSQL statement timout.
   ## Increase in case you get errors such as "ERROR: canceling statement due to statement timeout".