* Improve wsmaster OpenIdConnect configurability, and helm deployment scripts
- Make username claim configurable in cases
Oidc provider does not support the default claim (default is "preferred_user")
- Introduce fallback for username (issuer+subject) if the username claim is not present
in the token
- Extend helm scripts to take customOidcProvider and customOidcUsernameClaim
parameters into account when deploying che master.
- Introduce cheDedicatedKeycloak global param, conditioning if dedicated che
keycloak server should be deployed, and waited on by the master.
- default value for cheDedicatedKeycloak (if not defined) is true
if the cheDedicatedKeycloak parameter is defined and is false,
customOidcProvicer must be supplied, when using multiuser mode.
Signed-off-by: Sergey Kuperman <sergey.kuperman@sap.com>
* Code review fixes
Remove the extra if condition in configmap.yaml
Remove extra line in requirements.yaml
fix typo in deployment.yaml
* Add che.keycloak.username_claim property as NULL into multiuser.properties
* Simplify helm conditions, when deploying che master with or without keycloak
if multiuser = true, and .Values.customOidcProvider was supplied, assumption is that
we work with no keycloak (no waiting in deployment)
global.cheDedicatedKeycloak is still needed as separate variable for requirements.yaml to determine whether keycloak chart should be installed
so for keycloak deployment, no parameters need to be passed beside global.multiuser=true,
for custom OIDC :
.Values.customOidcProvider=http://url, and global.cheDedicatedKeycloak=false
both need to be set
34e6ab326f