aserto-dev · ronenh · Feb 26, 2025 · Jan 24, 2025 · Jan 27, 2025 · Jan 27, 2025
diff --git a/charts/authorizer/templates/_helpers.tpl b/charts/authorizer/templates/_helpers.tpl
@@ -72,7 +72,7 @@ Local cluster address
 OPA discovery configuration
 */}}
 {{- define "authorizer.opaDiscovery" -}}
-url: https://{{ include "aserto-lib.discoveryAddress" . }}/api/
+url: http://{{ include "aserto-lib.discoveryAddress" . }}/api/
 credentials:
   bearer:
     token: ${AUTHORIZER_DISCOVERY_ROOT_KEY}

diff --git a/charts/console/templates/deployment.yaml b/charts/console/templates/deployment.yaml
@@ -51,7 +51,7 @@ spec:
               value: {{ include "console.port" . | quote }}
             {{- with (include "aserto-lib.controllerClient" .) | fromYaml }}
             - name: DS0_SERVICE_URL
-              value: {{ .address }}
+              value: {{ .no_tls | default false | ternary "http" "https" }}://{{ .address }}
             - name: DS0_TENANT_ID
               value: {{ .tenant_id }}
             {{- end }}

diff --git a/charts/controller/templates/config.yaml b/charts/controller/templates/config.yaml
@@ -78,6 +78,28 @@ stringData:
         - /grpc.reflection.v1.ServerReflection/ServerReflectionInfo
         - /grpc.reflection.v1alpha.ServerReflection/ServerReflectionInfo
         - /aserto.directory.reader.v3.Reader/Check
+        - /aserto.directory.store.v2.Store/GetAPIKeyIdentity
+        - /aserto.directory.store.v2.Store/ListUserTenants
+
+      tenant_id_field:
+        id:
+          - /aserto.directory.store.v2.Store/Info
+          - /aserto.directory.store.v2.Store/ListTenantMembers
+        tenant_id:
+          - /aserto.directory.store.v2.Store/AssignRoleToTenant
+          - /aserto.directory.store.v2.Store/CreateAPIKey
+          - /aserto.directory.store.v2.Store/DeleteAPIKey
+          - /aserto.directory.store.v2.Store/DeleteConfig
+          - /aserto.directory.store.v2.Store/DeleteSecret
+          - /aserto.directory.store.v2.Store/GetAPIKeyIdentity
+          - /aserto.directory.store.v2.Store/GetConfig
+          - /aserto.directory.store.v2.Store/GetSecret
+          - /aserto.directory.store.v2.Store/ListAPIKeys
+          - /aserto.directory.store.v2.Store/ListConfigs
+          - /aserto.directory.store.v2.Store/ListSecrets
+          - /aserto.directory.store.v2.Store/RemoveRoleFromTenant
+          - /aserto.directory.store.v2.Store/SetConfig
+          - /aserto.directory.store.v2.Store/SetSecret
     {{- end }}
 
     authentication:

diff --git a/charts/controller/test/no-tls.values.yaml b/charts/controller/test/no-tls.values.yaml
@@ -1,6 +1,6 @@
 ---
 image:
-  tag: 0.33.11-b041fc2e-amd64
+  tag: 0.33.11-108fc18c-amd64
 
 imagePullSecrets:
   - name: ghcr-creds

diff --git a/charts/controller/test/tls.values.yaml b/charts/controller/test/tls.values.yaml
@@ -1,6 +1,6 @@
 ---
 image:
-  tag: 0.33.11-b041fc2e-amd64
+  tag: 0.33.11-108fc18c-amd64
 
 imagePullSecrets:
   - name: ghcr-creds

diff --git a/charts/directory/templates/deployment.yaml b/charts/directory/templates/deployment.yaml
@@ -98,7 +98,7 @@ spec:
               readOnly: true
           {{- end }}
           env:
-            {{- with include "directory.controllerKeyEnv" (list . "read") }}
+            {{- with include "directory.controllerKeyEnv" (list . "readStore") }}
             - name: DIRECTORY_CONTROLLER_CLIENT_API_KEY
               {{- . | nindent 14 }}
             {{- end }}

diff --git a/charts/directory/test/no-tls.values.yaml b/charts/directory/test/no-tls.values.yaml
@@ -1,6 +1,6 @@
 ---
 image:
-  tag: 0.33.11-b041fc2e-amd64
+  tag: 0.33.11-108fc18c-amd64
 
 imagePullSecrets:
   - name: ghcr-creds

diff --git a/charts/directory/test/tls.values.yaml b/charts/directory/test/tls.values.yaml
@@ -1,6 +1,6 @@
 ---
 image:
-  tag: 0.33.11-b041fc2e-amd64
+  tag: 0.33.11-108fc18c-amd64
 
 imagePullSecrets:
   - name: ghcr-creds

diff --git a/charts/discovery/templates/config.yaml b/charts/discovery/templates/config.yaml
@@ -52,7 +52,6 @@ stringData:
       {{- end }}
 
     {{- with .Values.oidc -}}
-      foobar: no
       oidc:
         {{- include "aserto-lib.oidcConfig" . | nindent 8 }}
     {{- end }}

diff --git a/charts/discovery/templates/deployment.yaml b/charts/discovery/templates/deployment.yaml
@@ -1,3 +1,4 @@
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -95,7 +96,7 @@ spec:
                   key: {{ .secretKey }}
           {{- end }}
 
-          {{- with include "aserto-lib.controllerKeyEnv" (list . "read") }}
+          {{- with include "aserto-lib.controllerKeyEnv" (list . "readStore") }}
             - name: DISCOVERY_DS0_API_KEY
               {{- . | nindent 14 }}
           {{- end }}

diff --git a/charts/discovery/test/no-tls.values.yaml b/charts/discovery/test/no-tls.values.yaml
@@ -11,10 +11,7 @@ apiKey:
 
 controller:
   address: "topaz.discovery-no-tls.svc.cluster.local:8282"
-  apiKeys:
-    read: controller-root-key
-    write: controller-root-key
-    store: controller-root-key
+  apiKeysSecret: controller-keys
   noTLS: true
 
 registries:

diff --git a/charts/discovery/test/tests.yaml b/charts/discovery/test/tests.yaml
@@ -19,6 +19,12 @@ tests:
       - name: discovery-ghcr-token
         values:
           token: ghuser:$GITHUB_TOKEN
+      - name: controller-keys
+        values:
+          read: controller-root-key
+          write: controller-root-key
+          readStore: controller-root-key
+          writeStore: controller-root-key
     run:
       - |
         ${TOPAZ:-topaz} ds set manifest charts/discovery/test/manifest.yaml \

diff --git a/charts/multi-tenant-scim/templates/deployment.yaml b/charts/multi-tenant-scim/templates/deployment.yaml
@@ -79,7 +79,7 @@ spec:
               readOnly: true
             {{- end }}
           env:
-            {{- with include "aserto-lib.controllerKeyEnv" (list . "write") }}
+            {{- with include "aserto-lib.controllerKeyEnv" (list . "readStore") }}
             - name: ASERTO_SCIM_CONTROLLER_API_KEY
               {{ . | nindent 14 }}
             {{- end }}