fix(helm): Set working defaults for google OAuth2 example (#13614)

* Rebase and lint * Fix whitespace Co-authored-by: Amit Miran <47772523+amitmiran137@users.noreply.github.com>
2021-06-16 13:38:57 -07:00 · 2021-06-16 13:38:57 -07:00 · 70afa08190
parent ca89292faa
commit 70afa08190
2 changed files with 19 additions and 3 deletions
--- a/helm/superset/Chart.yaml
+++ b/helm/superset/Chart.yaml
@ -22,7 +22,7 @@ maintainers:
  - name: craig-rueda
    email: craig@craigrueda.com
    url: https://github.com/craig-rueda
-version: 0.1.4
+version: 0.1.5
 dependencies:
 - name: postgresql
  version: 10.2.0
--- a/helm/superset/values.yaml
+++ b/helm/superset/values.yaml
@ -51,10 +51,17 @@ extraEnv: {}
  # Extend timeout to allow long running queries.
  # GUNICORN_TIMEOUT: 300

+
+   # OAUTH_HOME_DOMAIN: ..
+  # # If a whitelist is not set, any address that can use your OAuth2 endpoint will be able to login.
+  # #   this includes any random Gmail address if your OAuth2 Web App is set to External.
+  # OAUTH_WHITELIST_REGEX: ...
+
 ## Extra environment variables to pass as secrets
 ##
 extraSecretEnv: {}
  # MAPBOX_API_KEY: ...
+  # # Google API Keys: https://console.cloud.google.com/apis/credentials
  # GOOGLE_KEY: ...
  # GOOGLE_SECRET: ...

@ -82,12 +89,13 @@ configOverrides: {}
  #    # Extend timeout to allow long running queries.
  #    SUPERSET_WEBSERVER_TIMEOUT = ...
  # enable_oauth: |
-  #   from flask_appbuilder.security.manager import AUTH_DB
+  #   from flask_appbuilder.security.manager import (AUTH_DB, AUTH_OAUTH)
  #   AUTH_TYPE = AUTH_OAUTH

  #   OAUTH_PROVIDERS = [
  #       {
  #           "name": "google",
+  #           "whitelist": [ os.getenv("OAUTH_WHITELIST_REGEX", "") ],
  #           "icon": "fa-google",
  #           "token_key": "access_token",
  #           "remote_app": {
@ -98,9 +106,17 @@ configOverrides: {}
  #               "request_token_url": None,
  #               "access_token_url": "https://accounts.google.com/o/oauth2/token",
  #               "authorize_url": "https://accounts.google.com/o/oauth2/auth",
-  #           },
+  #               "authorize_params": {"hd": os.getenv("OAUTH_HOME_DOMAIN", "")}
+  #           }
  #       }
  #   ]
+  #   # Map Authlib roles to superset roles
+  #   AUTH_ROLE_ADMIN = 'Admin'
+  #   AUTH_ROLE_PUBLIC = 'Public'
+  #   # Will allow user self registration, allowing to create Flask users from Authorized User
+  #   AUTH_USER_REGISTRATION = True
+  #   # The default user self registration role
+  #   AUTH_USER_REGISTRATION_ROLE = "Admin"

 configMountPath: "/app/pythonpath"