From 8c29681e381551b2b81d9b7cb505f3fcdfbc9b2b Mon Sep 17 00:00:00 2001 From: nniehoff Date: Sat, 14 May 2022 10:00:53 -0600 Subject: [PATCH] Allowing for custom config path --- charts/dex/Chart.yaml | 8 +++++--- charts/dex/README.md | 3 ++- charts/dex/templates/_helpers.tpl | 24 ++++++++++++++++++++++++ charts/dex/templates/deployment.yaml | 16 +++------------- charts/dex/values.yaml | 3 +++ 5 files changed, 37 insertions(+), 17 deletions(-) diff --git a/charts/dex/Chart.yaml b/charts/dex/Chart.yaml index 5a656cde..9e565a42 100644 --- a/charts/dex/Chart.yaml +++ b/charts/dex/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 type: application name: dex -version: 0.8.2 +version: 0.9.0 appVersion: "2.31.1" kubeVersion: ">=1.14.0-0" description: OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors. @@ -21,8 +21,10 @@ maintainers: url: https://sagikazarmark.hu annotations: artifacthub.io/changes: | - - kind: changed - description: "Restore `ClusterRoleBinding` when using cluster scoped permissions" + - kind: added + description: "Added configFile value to allow for a custom config file location" + - kind: added + description: "Added volumes and volumeMounts helpers to only mount secret if a secret is needed" artifacthub.io/images: | - name: dex image: ghcr.io/dexidp/dex:v2.31.1 diff --git a/charts/dex/README.md b/charts/dex/README.md index 018e3e26..bf2e9ab2 100644 --- a/charts/dex/README.md +++ b/charts/dex/README.md 
@@ -1,6 +1,6 @@ # dex -![version: 0.8.2](https://img.shields.io/badge/version-0.8.2-informational?style=flat-square) ![type: application](https://img.shields.io/badge/type-application-informational?style=flat-square) ![app version: 2.31.1](https://img.shields.io/badge/app%20version-2.31.1-informational?style=flat-square) ![kube version: >=1.14.0-0](https://img.shields.io/badge/kube%20version->=1.14.0--0-informational?style=flat-square) [![artifact hub](https://img.shields.io/badge/artifact%20hub-dex-informational?style=flat-square)](https://artifacthub.io/packages/helm/dex/dex) +![version: 0.9.0](https://img.shields.io/badge/version-0.9.0-informational?style=flat-square) ![type: application](https://img.shields.io/badge/type-application-informational?style=flat-square) ![app version: 2.31.1](https://img.shields.io/badge/app%20version-2.31.1-informational?style=flat-square) ![kube version: >=1.14.0-0](https://img.shields.io/badge/kube%20version->=1.14.0--0-informational?style=flat-square) [![artifact hub](https://img.shields.io/badge/artifact%20hub-dex-informational?style=flat-square)](https://artifacthub.io/packages/helm/dex/dex) OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors. 
@@ -120,6 +120,7 @@ ingress: | hostAliases | list | `[]` | A list of hosts and IPs that will be injected into the pod's hosts file if specified. See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#hostname-and-name-resolution) | | https.enabled | bool | `false` | Enable the HTTPS endpoint. | | grpc.enabled | bool | `false` | Enable the gRPC endpoint. Read more in the [documentation](https://dexidp.io/docs/api/). | +| configFile | string | `"/etc/dex/config.yaml"` | Full Path to the dex config file. | | configSecret.create | bool | `true` | Enable creating a secret from the values passed to `config`. If set to false, name must point to an existing secret. | | configSecret.name | string | `""` | The name of the secret to mount as configuration in the pod. If not set and create is true, a name is generated using the fullname template. Must point to secret that contains at least a `config.yaml` key. | | config | object | `{}` | Application configuration. See the [official documentation](https://dexidp.io/docs/). | diff --git a/charts/dex/templates/_helpers.tpl b/charts/dex/templates/_helpers.tpl index b50e7207..33132bfb 100644 --- a/charts/dex/templates/_helpers.tpl +++ b/charts/dex/templates/_helpers.tpl 
@@ -71,3 +71,27 @@ Create the name of the secret containing the config file to use {{- default "default" .Values.configSecret.name }} {{- end }} {{- end }} + +{{/* +Create Volumes +*/}} +{{- define "dex.volumes" -}} +{{- if or .Values.configSecret.create .Values.configSecret.name }} +{{- $defaultVolume := list (dict "name" "config" "secret" (dict "secretName" (include "dex.configSecretName" .))) -}} +{{ concat $defaultVolume .Values.volumes | toYaml }} +{{- else -}} +{{ .Values.volumes | toYaml }} +{{- end }} +{{- end }} + +{{/* +Create Volume Mounts +*/}} +{{- define "dex.volumeMounts" -}} +{{- if or .Values.configSecret.create .Values.configSecret.name }} +{{- $defaultMount := list (dict "name" "config" "mountPath" "/etc/dex" "readOnly" "true") -}} +{{ concat $defaultMount .Values.volumeMounts | toYaml }} +{{- else -}} +{{ .Values.volumeMounts | toYaml }} +{{- end }} +{{- end }} diff --git a/charts/dex/templates/deployment.yaml b/charts/dex/templates/deployment.yaml index 1f3ad4b8..fedd959b 100644 --- a/charts/dex/templates/deployment.yaml +++ b/charts/dex/templates/deployment.yaml @@ -62,7 +62,7 @@ spec: {{- end }} - --telemetry-addr - 0.0.0.0:5558 - - /etc/dex/config.yaml + - {{ .Values.configFile }} env: {{- range $key, $value := .Values.env }} - name: {{ $key }} @@ -103,19 +103,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: - - name: config - mountPath: /etc/dex - readOnly: true - {{- with .Values.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} + {{- (include "dex.volumeMounts" .) | nindent 12 }} volumes: - - name: config - secret: - secretName: {{ include "dex.configSecretName" . }} - {{- with .Values.volumes }} - {{- toYaml . | nindent 8 }} - {{- end }} + {{- (include "dex.volumes" .) | nindent 8 }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/dex/values.yaml b/charts/dex/values.yaml index f879cdf3..26b464a5 100644 --- a/charts/dex/values.yaml 
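Review bot: In `dex.volumeMounts` the default mount is built with `"readOnly" "true"`, which is a string, so `toYaml` will most likely emit `readOnly: "true"` where the removed deployment lines had the boolean `readOnly: true`. The Kubernetes `readOnly` field is a boolean, so the rendered Deployment is likely to fail validation instead of mounting the config secret read-only. Use the boolean literal: `(dict "name" "config" "mountPath" "/etc/dex" "readOnly" true)`. The `dex.volumes` helper in the same hunk is not affected.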
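Review bot: The new argument `- {{ .Values.configFile }}` in the `-62,7` hunk of deployment.yaml is rendered unquoted, so an empty value becomes a null list item and a value containing YAML-significant characters changes how the args are parsed. Quote it and fail at render time when it is unset: `- {{ required "configFile must be set" .Values.configFile | quote }}`. The container spec this line belongs to starts and ends outside the hunk.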
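Review bot: In the `-103,19` hunk the config secret volume and its mount stop being unconditional; per the new helpers they are rendered only when `configSecret.create` or `configSecret.name` is set. A release with `create: false` and no name previously mounted the secret that `dex.configSecretName` falls back to (`default`, visible in the context lines of the helpers hunk). It will now start with nothing at `/etc/dex` while the args still point dex at `configFile`. That is a behaviour change for existing installs, but the Chart.yaml annotation lists both entries as `added`; I would record it as `- kind: changed` and state in the README that the config must then be supplied through `volumes`/`volumeMounts`. A Secret is the safer source for it, since dex configuration usually carries connector and client credentials.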
+++ b/charts/dex/values.yaml @@ -37,6 +37,9 @@ grpc: # Read more in the [documentation](https://dexidp.io/docs/api/). enabled: false +# -- Full Path to the dex config file. +configFile: "/etc/dex/config.yaml" + configSecret: # -- Enable creating a secret from the values passed to `config`. # If set to false, name must point to an existing secret.
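Review bot: The comment on `configFile` does not mention that the chart still mounts the config secret at the fixed path `/etc/dex` (hard-coded in `dex.volumeMounts`), so a `configFile` outside that directory is not backed by the secret. I would extend the doc comment, e.g. `# -- Full path to the dex config file. The config secret is always mounted at /etc/dex; a path outside it must be provided via volumes/volumeMounts.`, and mirror the wording in the README table row.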