feat(hedgedoc): Add ability to specify oauth role claim and access role

This patch adds the ability to the restrict oauth access to certain roles. These roles have to be available in an attribute of the profile info. This also upgrades to 1.9.9

feat(hedgedoc): Add ability to specify oauth role claim and access role
77a5cfd4 · Sheogorath · 7967123d · 77a5cfd4 · 77a5cfd4 · 77a5cfd4
Verified Commit 77a5cfd4 authored 1 year ago by Sheogorath
--- a/charts/hedgedoc/Chart.yaml
+++ b/charts/hedgedoc/Chart.yaml
@@ -14,9 +14,9 @@ keywords:
 sources:
    - https://github.com/hedgedoc/hedgedoc/tree/master
    - https://git.shivering-isles.com/shivering-isles/infrastructure-gitops/-/tree/main/charts/hedgedoc
-version: 0.3.3
+version: 0.4.0
 # renovate: image=quay.io/hedgedoc/hedgedoc
-appVersion: "1.9.8"
+appVersion: "1.9.9"
 maintainers:
 - name: Sheogorath
  url: https://shivering-isles.com

--- a/charts/hedgedoc/README.md
+++ b/charts/hedgedoc/README.md
 # hedgedoc
-![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.8](https://img.shields.io/badge/AppVersion-1.9.8-informational?style=flat-square)
+![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.9](https://img.shields.io/badge/AppVersion-1.9.9-informational?style=flat-square)
 A platform to write and share markdown.
@@ -41,10 +41,12 @@ A platform to write and share markdown.
 | config.minio.port | int | `443` |  |
 | config.minio.secretKey | string | `nil` |  |
 | config.minio.secure | bool | `true` |  |
+| config.oauth.accessRole | string | `nil` |  |
 | config.oauth.authorisationUrl | string | `nil` |  |
 | config.oauth.clientId | string | `nil` |  |
 | config.oauth.clientSecret | string | `nil` |  |
 | config.oauth.providerName | string | `nil` |  |
+| config.oauth.roleClaim | string | `nil` |  |
 | config.oauth.scope | string | `"openid email profile"` |  |
 | config.oauth.tokenUrl | string | `nil` |  |
 | config.oauth.userProfileDisplayName | string | `"name"` |  |

--- a/charts/hedgedoc/templates/configmap.yaml
+++ b/charts/hedgedoc/templates/configmap.yaml
@@ -65,6 +65,12 @@ data:
  {{- with .Values.config.oauth.scope }}
  CMD_OAUTH2_SCOPE: {{ . | quote }}
  {{- end }}
+  {{- with .Values.config.oauth.roleClaim }}
+  CMD_OAUTH2_ROLES_CLAIM: {{ . | quote }}
+  {{- end }}
+  {{- with .Values.config.oauth.accessRole }}
+  CMD_OAUTH2_ACCESS_ROLE: {{ . | quote }}
+  {{- end }}
  {{- with .Values.config.defaultPermission }}
  CMD_DEFAULT_PERMISSION: {{ . | quote }}
  {{- end }}
\ No newline at end of file
--- a/charts/hedgedoc/values.yaml
+++ b/charts/hedgedoc/values.yaml
@@ -51,6 +51,8 @@ config:
    userProfileDisplayName: name
    userProfileEmailAttr: email
    scope: openid email profile
+    roleClaim: null
+    accessRole: null
 postgresql: