From e3faff7acfa6451be85e01836a3579b4c9b519d5 Mon Sep 17 00:00:00 2001
From: TheAnachronism <theanachronism@outlook.com>
Date: Sun, 18 Feb 2024 16:45:37 +0100
Subject: [PATCH] Started adding different assertions and checks of values, so
 that less invalid configuration is possible.

---
 kubernetes/helm/docspell/templates/restserver/secret.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/kubernetes/helm/docspell/templates/restserver/secret.yaml b/kubernetes/helm/docspell/templates/restserver/secret.yaml
index 854cc2fd..fde89134 100644
--- a/kubernetes/helm/docspell/templates/restserver/secret.yaml
+++ b/kubernetes/helm/docspell/templates/restserver/secret.yaml
@@ -16,6 +16,11 @@ stringData:
       {{- fail "When enabling the administration endpoint, a value for authentication has the supplied." -}}
       {{- end -}}
       {{- end -}}
+      {{- range $entry := .Values.docspell.server.openid -}}
+      {{- if and (not $entry.provider.userUrl) (not $entry.provider.signKey) -}}
+      {{- fail (printf "Failure for %s, if no userUrl is set a signKey has to be specified." $entry.provider.providerId) -}}
+      {{- end -}}
+      {{- end -}}
       {{- if eq .Values.docspell.server.backend.signup.mode "invite" -}}
       {{- if not .Values.docspell.server.backend.signup.newInvitePassword -}}
       {{- fail "Invite password has to be set, when using signup mode 'invite'." -}}