Identity Context
The KOTS identity service feature is deprecated and is not available to new users.
Template functions in the Identity context have access to Replicated KOTS identity service information.
IdentityServiceEnabled
func IdentityServiceEnabled() bool
Returns true if the Replicated identity service has been enabled and configured by the end customer.
apiVersion: apps/v1
kind: Deployment
...
env:
- name: IDENTITY_ENABLED
value: repl{{ IdentityServiceEnabled }}
IdentityServiceClientID
func IdentityServiceClientID() string
Returns the client ID required for the application to connect to the identity service OIDC server.
apiVersion: apps/v1
kind: Deployment
...
env:
- name: CLIENT_ID
value: repl{{ IdentityServiceClientID }}
IdentityServiceClientSecret
func IdentityServiceClientSecret() (string, error)
Returns the client secret required for the application to connect to the identity service OIDC server.
apiVersion: v1
kind: Secret
...
data:
CLIENT_SECRET: repl{{ IdentityServiceClientSecret | b64enc }}
IdentityServiceRoles
func IdentityServiceRoles() map[string][]string
Returns a list of groups specified by the customer mapped to a list of roles as defined in the Identity custom resource manifest file.
For more information about roles in the Identity custom resource, see Identity in the Custom resources section.
apiVersion: apps/v1
kind: Deployment
...
env:
- name: RESTRICTED_GROUPS
value: repl{{ IdentityServiceRoles | keys | toJson }}
IdentityServiceName
func IdentityServiceName() string
Returns the Service name for the identity service OIDC server.
apiVersion: networking.k8s.io/v1
kind: Ingress
...
- path: /dex
backend:
service:
name: repl{{ IdentityServiceName }}
port:
number: repl{{ IdentityServicePort }}
IdentityServicePort
func IdentityServicePort() string
Returns the Service port number for the identity service OIDC server.
apiVersion: networking.k8s.io/v1
kind: Ingress
...
- path: /dex
backend:
service:
name: repl{{ IdentityServiceName }}
port:
number: repl{{ IdentityServicePort }}