From 8b2899fbc69a22a8cdbe2f7a79557594b2cb6d85 Mon Sep 17 00:00:00 2001
From: Doctor Vince
Date: Thu, 9 May 2024 09:32:53 -0400
Subject: [PATCH] add OIDC issuer config field, checks for it being set, and placeholder config map entries
---
 helm/values.yaml | 7 ++++++-
 internal/app/app.go | 16 ++++++++++++----
 internal/app/config.go | 1 +
 3 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/helm/values.yaml b/helm/values.yaml
index 8e07036..499b723 100644
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -1,6 +1,6 @@
 ---
 image:
- repo: "localhost:5001/component-inventory"
+ repo: "localhost:5001"
 tag: latest
 pullPolicy: Always
@@ -15,3 +15,8 @@ fleetdb:
 env:
 endpoint: http://fleetdb:8000
 disable_oauth: true
+ audience_endpoint: "placeholder"
+ issuer_endpoint: "placeholder"
+ client_id: "placeholder"
+ client_scopes:
+ - "placeholder"
diff --git a/internal/app/app.go b/internal/app/app.go
index 9297579..d04965b 100644
--- a/internal/app/app.go
+++ b/internal/app/app.go
@@ -142,7 +142,15 @@ func envVarOverrides(v *viper.Viper, cfg *Configuration) error {
 }
 if cfg.FleetDBOpts.AudienceEndpoint == "" {
- return errors.New("fleetdb client secret not defined")
+ return errors.New("fleetdb OIDC audience endpoint not defined")
+ }
+
+ if v.GetString("fleetdb.issuer.endpoint") != "" {
+ cfg.FleetDBOpts.IssuerEndpoint = v.GetString("fleetdb.issuer.endpoint")
+ }
+
+ if cfg.FleetDBOpts.IssuerEndpoint == "" {
+ return errors.New("fleetdb OIDC issuer endpoint not defined")
 }
 if v.GetString("fleetdb.client.id") != "" {
@@ -150,7 +158,7 @@ func envVarOverrides(v *viper.Viper, cfg *Configuration) error {
 }
 if cfg.FleetDBOpts.ClientID == "" {
- return errors.New("fleetdb client id not defined")
+ return errors.New("fleetdb OIDC client id not defined")
 }
 if v.GetString("fleetdb.client.secret") != "" {
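Review bot: The four `"placeholder"` values added under `env:` in the `@@ -15,3 +15,8 @@` hunk are non-empty strings, so they satisfy the `== ""` and `len(...) == 0` checks that `envVarOverrides` applies in internal/app/app.go and would not be reported as missing if `disable_oauth` is later set to `false` without overriding them. A comment above the new keys would make that explicit, for example `# placeholders only: override audience_endpoint, issuer_endpoint, client_id and client_scopes before setting disable_oauth: false`. `client_secret` is given no value here, which suits a values file; it is presumably supplied separately, though that is not visible in this patch.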
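Review bot: The new issuer check in the `@@ -142,7 +142,15 @@` hunk of `envVarOverrides` rejects only an empty string, so any non-empty value is accepted as the OIDC issuer, including the `"placeholder"` this commit adds to helm/values.yaml. Because the issuer is the endpoint the client trusts for tokens, it is worth rejecting values that are not absolute URLs at load time, e.g. `if u, err := url.Parse(cfg.FleetDBOpts.IssuerEndpoint); err != nil || u.Scheme == "" || u.Host == "" { return errors.New("fleetdb OIDC issuer endpoint is not an absolute URL") }`; this needs `net/url`, and the file's import block is outside the hunk. The same applies to the audience endpoint check at the top of the hunk. The function body starts and ends outside this hunk, so whether these checks are skipped when `DisableOAuth` is true cannot be seen here.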
@@ -158,7 +166,7 @@ func envVarOverrides(v *viper.Viper, cfg *Configuration) error {
 }
 if cfg.FleetDBOpts.ClientSecret == "" {
- return errors.New("fleetdb client secret not defined")
+ return errors.New("fleetdb OIDC client secret not defined")
 }
 if v.GetString("fleetdb.client.scopes") != "" {
@@ -166,7 +174,7 @@ func envVarOverrides(v *viper.Viper, cfg *Configuration) error {
 }
 if len(cfg.FleetDBOpts.ClientScopes) == 0 {
- return errors.New("fleetdb client scopes not defined")
+ return errors.New("fleetdb OIDC client scopes not defined")
 }
 return nil
diff --git a/internal/app/config.go b/internal/app/config.go
index 6f4e815..26ba2c6 100644
--- a/internal/app/config.go
+++ b/internal/app/config.go
@@ -16,6 +16,7 @@ type FleetDBAPIOptions struct {
 Endpoint string `mapstructure:"endpoint"`
 DisableOAuth bool `mapstructure:"disable_oauth"`
 AudienceEndpoint string `mapstructure:"audience_endpoint"`
+ IssuerEndpoint string `mapstructure:"issuer_endpoint"`
 ClientID string `mapstructure:"client_id"`
 ClientSecret string `mapstructure:"client_secret"`
 ClientScopes []string `mapstructure:"client_scopes"`
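Review bot: `IssuerEndpoint` is added to `FleetDBAPIOptions` directly below `AudienceEndpoint` with no comment, and the two are easy to swap when filling in configuration. A field comment such as `// IssuerEndpoint is the OIDC issuer URL for the FleetDB client (config key issuer_endpoint).` would help. The override in `envVarOverrides` reads the viper key `fleetdb.issuer.endpoint` while the struct tag is `issuer_endpoint`; the comment could name both spellings, since how they map to environment variables is not visible in this patch. The struct declaration starts and ends outside the hunk.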