fix test setup and add local image build make target

Signed-off-by: Jan Larwig <jan@larwig.com>
2025-07-26 12:46:17 +02:00 · 2025-07-26 12:46:17 +02:00 · 7e070d1dee
parent fa2587ac09
commit 7e070d1dee
6 changed files with 58 additions and 15 deletions
--- a/4
+++ b/4
@ -75,6 +75,10 @@ DOCKER_BUILDX_PUSH_X_PLATFORM_ALPINE := $(DOCKER_BUILDX_X_PLATFORM_ALPINE) --pus
 .PHONY: build-docker
 build-docker: build-distroless build-alpine ## Build multi architecture docker images in both flavours (distroless / alpine)

+.PHONY: build-docker-local
+build-docker-local: ## Build distroless docker image and locally load into docker images
+	$(DOCKER_BUILDX) --load -t $(REGISTRY)/$(REPOSITORY):${VERSION}-local .
+
 .PHONY: build-distroless
 build-distroless: ## Build multi architecture distroless based docker image
 	$(DOCKER_BUILDX_X_PLATFORM) -t $(REGISTRY)/$(REPOSITORY):latest -t $(REGISTRY)/$(REPOSITORY):${VERSION} .
--- a/contrib/local-environment/docker-compose-alpha-config.yaml
+++ b/contrib/local-environment/docker-compose-alpha-config.yaml
@ -10,11 +10,58 @@
 #    make alpha-config-<command> (eg make nginx-up, make nginx-down)
 #
 # Access http://localhost:4180 to initiate a login cycle
-version: '3.0'
+version: "3.0"
 services:
  oauth2-proxy:
+    container_name: oauth2-proxy
    image: quay.io/oauth2-proxy/oauth2-proxy:v7.12.0
    command: --config /oauth2-proxy.cfg --alpha-config /oauth2-proxy-alpha-config.yaml
+    hostname: oauth2-proxy
    volumes:
      - "./oauth2-proxy-alpha-config.cfg:/oauth2-proxy.cfg"
      - "./oauth2-proxy-alpha-config.yaml:/oauth2-proxy-alpha-config.yaml"
+    restart: unless-stopped
+    ports:
+      - 4180:4180/tcp
+    networks:
+      dex: {}
+      httpbin: {}
+    depends_on:
+      - dex
+      - httpbin
+  dex:
+    container_name: dex
+    image: ghcr.io/dexidp/dex:v2.43.1
+    command: dex serve /dex.yaml
+    hostname: dex
+    volumes:
+      - "./dex.yaml:/dex.yaml"
+    restart: unless-stopped
+    ports:
+      - 5556:5556/tcp
+    networks:
+      dex:
+        aliases:
+          - dex.localtest.me
+      etcd: {}
+    depends_on:
+      - etcd
+  httpbin:
+    container_name: httpbin
+    image: kennethreitz/httpbin
+    ports: []
+    networks:
+      httpbin: {}
+  etcd:
+    container_name: etcd
+    image: gcr.io/etcd-development/etcd:v3.6.2
+    entrypoint: /usr/local/bin/etcd
+    command:
+      - --listen-client-urls=http://0.0.0.0:2379
+      - --advertise-client-urls=http://etcd:2379
+    networks:
+      etcd: {}
+networks:
+  dex: {}
+  etcd: {}
+  httpbin: {}
--- a/contrib/local-environment/docker-compose.yaml
+++ b/contrib/local-environment/docker-compose.yaml
@ -9,7 +9,7 @@
 #    make <command> (eg. make up, make down)
 #
 # Access http://oauth2-proxy.localtest.me:4180 to initiate a login cycle
-version: '3.0'
+version: "3.0"
 services:
  oauth2-proxy:
    container_name: oauth2-proxy
--- a/contrib/local-environment/oauth2-proxy-alpha-config.yaml
+++ b/contrib/local-environment/oauth2-proxy-alpha-config.yaml
@ -4,12 +4,8 @@ upstreamConfig:
  upstreams:
    - id: httpbin
      path: /
-      uri: http://httpbin.localtest.me:8080
+      uri: http://httpbin
 injectRequestHeaders:
-  - name: X-Forwarded-Groups
-    values:
-      - claimSource:
-          claim: groups
  - name: X-Forwarded-User
    values:
      - claimSource:
@ -18,14 +14,10 @@ injectRequestHeaders:
    values:
      - claimSource:
          claim: email
-  - name: X-Forwarded-Preferred-Username
-    values:
-      - claimSource:
-          claim: preferred_username
 providers:
  - id: oidc
    provider: oidc
    clientSecret: b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK
    clientID: oauth2-proxy
    oidcConfig:
-      issuerURL: http://dex.localhost:5556/dex
+      issuerURL: http://dex.localtest.me:5556/dex
--- a/docs/docs/configuration/alpha_config.md
+++ b/docs/docs/configuration/alpha_config.md
@ -265,7 +265,7 @@ make up the header value

 | Field | Type | Description |
 | ----- | ---- | ----------- |
-| `value` | _[]byte_ | Value expects a base64 encoded []byte |
+| `value` | _[]byte_ | Value expects a base64 encoded string value. |
 | `fromEnv` | _string_ | FromEnv expects the name of an environment variable. |
 | `fromFile` | _string_ | FromFile expects a path to a file containing the secret value. |
 | `claim` | _string_ | Claim is the name of the claim in the session that the value should be<br/>loaded from. Available claims: `access_token` `id_token` `created_at`<br/>`expires_on` `refresh_token` `email` `user` `groups` `preferred_username`. |
@ -477,7 +477,7 @@ Only one source within the struct should be defined at any time.

 | Field | Type | Description |
 | ----- | ---- | ----------- |
-| `value` | _[]byte_ | Value expects a base64 encoded []byte |
+| `value` | _[]byte_ | Value expects a base64 encoded string value. |
 | `fromEnv` | _string_ | FromEnv expects the name of an environment variable. |
 | `fromFile` | _string_ | FromFile expects a path to a file containing the secret value. |

--- a/pkg/apis/options/secret_source.go
+++ b/pkg/apis/options/secret_source.go
@ -3,7 +3,7 @@ package options
 // SecretSource references an individual secret value.
 // Only one source within the struct should be defined at any time.
 type SecretSource struct {
-	// Value expects a base64 encoded []byte
+	// Value expects a base64 encoded string value.
 	Value []byte `yaml:"value,omitempty"`

 	// FromEnv expects the name of an environment variable.