https://github.com/zpascal/container-manager-oidc-gatekeeper
OIDC proxy container to establish a connection to an application via an OIDC proxy based on the gatekeeper proxy and a container process overlay
- Host: GitHub
- URL: https://github.com/zpascal/container-manager-oidc-gatekeeper
- Owner: ZPascal
- License: apache-2.0
- Created: 2022-11-15T06:54:19.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-09-14T15:31:16.000Z (over 1 year ago)
- Last Synced: 2024-10-19T06:04:32.114Z (over 1 year ago)
- Topics: alpine, container, oidc-client, proxy
- Language: Python
- Homepage:
- Size: 72.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Container Manager OIDC Gatekeeper
OIDC proxy container to establish a connection to an application via an OIDC proxy, based on the [gatekeeper](https://github.com/gogatekeeper/gatekeeper) proxy and the container process overlay [container-manager](https://github.com/ZPascal/container-manager).
This container was created as a replacement for the [louketo-proxy](https://github.com/louketo/louketo-proxy) to establish a connection to an internal K8s app via OIDC over the external network.
## Basic information about the application and the container
The Container Manager OIDC Gatekeeper is based on the [gatekeeper](https://github.com/gogatekeeper/gatekeeper) application and uses the [container-manager](https://github.com/ZPascal/container-manager) process overlay to start and control the application. The container is built on an Alpine base image.
## Installation, startup and configuration
### Installation and startup
#### Docker
```
docker pull z9pascal/container-manager-oidc-gatekeeper:1.16.1-latest
docker run -e OIDC_DISCOVERY_URL="" -e OIDC_CLIENT_ID="" -e OIDC_CLIENT_SECRET="" -e OIDC_LISTEN_URL="0.0.0.0:3000" -e OIDC_ENCRYPTION_KEY="" -e OIDC_REDIRECT_URL="" -e OIDC_UPSTREAM_URL="https://kubernetes-dashboard" -v /storage:/storage -p 3000:3000 z9pascal/container-manager-oidc-gatekeeper:1.16.1-latest
```
#### Dev setup
After you have modified the container with your changes, you can build and start it with the [docker-compose.yml](docker-compose.yml) file, e.g. `docker-compose up -d`, or you can build and run it manually with the following commands.
```
docker build . -t container-manager-oidc-gatekeeper
docker run -e OIDC_DISCOVERY_URL="" -e OIDC_CLIENT_ID="" -e OIDC_CLIENT_SECRET="" -e OIDC_LISTEN_URL="0.0.0.0:3000" -e OIDC_ENCRYPTION_KEY="" -e OIDC_REDIRECT_URL="" -e OIDC_UPSTREAM_URL="https://kubernetes-dashboard" -v /storage:/storage -p 3000:3000 container-manager-oidc-gatekeeper
```
### Configuration
All configuration parameters, including the OIDC proxy credentials, are set via environment variables. The following table lists each variable with its description and example values.
| Environment variable | Description | Example values |
|:--------------------:|:----------------------------------------------------:|:----------------------------:|
| OIDC_DISCOVERY_URL | Discovery URL of the OIDC system/realm | xxx |
| OIDC_CLIENT_ID | Client ID of the OIDC client | xxx |
| OIDC_CLIENT_SECRET | Client secret of the OIDC client | xxx |
| OIDC_LISTEN_URL | Listen URL of the OIDC proxy | 0.0.0.0:3000 |
| OIDC_ENCRYPTION_KEY | OIDC session encryption key | xxx |
| OIDC_REDIRECT_URL | Redirect URL of the OIDC system/realm | xxx |
| OIDC_UPSTREAM_URL | Upstream URL of the OIDC proxy | https://kubernetes-dashboard |
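
A pre-flight check for the variables in the table, as an added example that is not part of this project: it validates the values and writes them to an owner-only file for `docker run --env-file`, which keeps the client secret and encryption key out of the command line and shell history. The function names are hypothetical, and the 16/32-character key rule assumes `OIDC_ENCRYPTION_KEY` is passed unchanged to gatekeeper's encryption key.

```shell
#!/bin/sh
# Added example, not the project's code. check_oidc_env and write_env_file
# are hypothetical helper names; the env-file path is chosen by the caller.
OIDC_VARS="OIDC_DISCOVERY_URL OIDC_CLIENT_ID OIDC_CLIENT_SECRET OIDC_LISTEN_URL
OIDC_ENCRYPTION_KEY OIDC_REDIRECT_URL OIDC_UPSTREAM_URL"

# Print one line per problem on stderr; return 1 if any problem was found.
check_oidc_env() {
    rc=0
    for name in $OIDC_VARS; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || { echo "missing: $name" >&2; rc=1; }
    done
    # OIDC discovery documents are served over TLS; this example also insists
    # on https for the redirect URL because it crosses the external network.
    for name in OIDC_DISCOVERY_URL OIDC_REDIRECT_URL; do
        eval "value=\${$name:-}"
        case "$value" in
            ""|https://*) ;;
            *) echo "not https: $name" >&2; rc=1 ;;
        esac
    done
    # Assumption: the key becomes gatekeeper's session encryption key, which
    # gatekeeper expects to be 16 or 32 characters (AES-128 / AES-256).
    key=${OIDC_ENCRYPTION_KEY:-}
    if [ -n "$key" ] && [ "${#key}" -ne 16 ] && [ "${#key}" -ne 32 ]; then
        echo "OIDC_ENCRYPTION_KEY must be 16 or 32 characters, got ${#key}" >&2
        rc=1
    fi
    return "$rc"
}

# Validate, then write NAME=value lines to a file only the owner can read,
# for `docker run --env-file`. Returns 1 and writes nothing if a check fails.
write_env_file() {
    check_oidc_env || return 1
    (
        umask 077
        rm -f -- "$1"
        for name in $OIDC_VARS; do
            eval "printf '%s=%s\n' \"\$name\" \"\${$name}\""
        done > "$1"
    )
}
```

With the variables set in the current shell, call `write_env_file ./oidc.env` and replace the `-e` options of the `docker run` command with `--env-file ./oidc.env`.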
## Contribution
If you would like to contribute, have an improvement request, or want to make a change inside the code, please open a pull request and write unit tests.
## Support
If you need support, or you encounter a bug, please don't hesitate to open an issue.
## Donations
If you want to support my work, I ask you to take an unusual action inside the open source community. Donate the money to a non-profit organization like Doctors Without Borders or the Children's Cancer Aid. I will continue to build tools because I like them, and I am passionate about developing and sharing applications.
## License
This product is available under the Apache 2.0 [license](LICENSE).