Adding OAuth2 login to Auto DevOps environment

Hi there!

What is this topic about?

I want to add group-based OAuth2 login to my auto-deployed staging environments, but I have no clue how to achieve that.

What my setup looks like

I am running a self-hosted GitLab and connected it successfully to my self-hosted Kubernetes cluster. I added the Cluster management template project and deployed ingress and cert-manager to my cluster.

In the next step I added a Node.js project with a Dockerfile which serves the built Node project.

So far everything works great: the Auto DevOps pipeline successfully deploys my staging environment, it gets a Let's Encrypt certificate and is load balanced by ingress.

What exactly is my goal?

I want to organize my customer projects in GitLab groups. My customers should be able to register an account on my GitLab instance and use their credentials to authenticate with the staging environment. Therefore I may need something like a per-project OAuth proxy, ideally integrated into the Auto DevOps pipeline and triggered when I add OAuth environment variables to my projects.

My thoughts so far

I read about the oauth2-proxy Helm chart and I think I can achieve my goal using it somehow. Unfortunately I have only just started diving into GitLab Auto DevOps, Helm, Ingress and Kubernetes.

I’d really appreciate any idea from the community, as I am not quite sure where to start editing the config files.