From f7c0e3aefae4746e2da3a37d1de994bec8c885a9 Mon Sep 17 00:00:00 2001 From: Marek Skrobacki Date: Wed, 11 Sep 2024 18:22:50 +0100 Subject: [PATCH] horizon: allow setting WEBSSO_KEYSTONE_URL This patch enables users to override WEBSSO_KEYSTONE_URL variable for Horizon. As per docs: > Use this when OPENSTACK_KEYSTONE_URL is set to an internal Keystone endpoint and is not reachable from the external network where the identity provider lives. This URL will take precedence over OPENSTACK_KEYSTONE_URL if the login choice is an external identity provider (IdP). Change-Id: I542dadb8ada14ebab8257cc0693641b14c8adcc0 Signed-off-by: Marek Skrobacki --- horizon/Chart.yaml | 2 +- horizon/values.yaml | 5 +++++ releasenotes/notes/horizon.yaml | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/horizon/Chart.yaml b/horizon/Chart.yaml index 3238befd86..c80315ad92 100644 --- a/horizon/Chart.yaml +++ b/horizon/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Horizon name: horizon -version: 0.3.27 +version: 0.3.28 home: https://docs.openstack.org/horizon/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png sources: diff --git a/horizon/values.yaml b/horizon/values.yaml index 645edced27..37810221ae 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -460,6 +460,11 @@ conf: # Determines which authentication choice to show as default. WEBSSO_INITIAL_CHOICE = "{{ .Values.conf.horizon.local_settings.config.auth.sso.initial_choice }}" + {{- if .Values.conf.horizon.local_settings.config.auth.sso.websso_keystone_url }} + # The full auth URL for the Keystone endpoint used for web single-sign-on authentication. + WEBSSO_KEYSTONE_URL = "{{ .Values.conf.horizon.local_settings.config.auth.sso.websso_keystone_url }}" + {{- end }} + # The list of authentication mechanisms # which include keystone federation protocols. # Current supported protocol IDs are 'saml2' and 'oidc' diff --git a/releasenotes/notes/horizon.yaml b/releasenotes/notes/horizon.yaml index e0c0a3d10b..d0677c04c3 100644 --- a/releasenotes/notes/horizon.yaml +++ b/releasenotes/notes/horizon.yaml @@ -64,4 +64,5 @@ horizon: - 0.3.25 Implement "CSRF_TRUSTED_ORIGINS" option support in horizon - 0.3.26 Fix templating of CSRF_TRUSTED_ORIGINS - 0.3.27 Use quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal by default + - 0.3.28 Add WEBSSO_KEYSTONE_URL value ...