AgileWebs/thalos-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
feature/thalos-service-google-oidc
thalos-service/docs/runbooks/containerization.md
José René White Enciso dec12f912f feat(thalos-service): add google token exchange orchestration
2026-03-11 04:27:02 -06:00

877 B
Raw Permalink Blame History

Containerization Runbook

Image Build

If the repo consumes internal packages from Gitea, pass feed credentials as build args.

docker build   --build-arg NUGET_FEED_USERNAME=<gitea-login>   --build-arg NUGET_FEED_TOKEN=<gitea-token>   -t agilewebs/thalos-service:dev .

Local Run

docker run --rm -p 8080:8080 \
  -e ThalosIdentity__Secrets__SessionSigning=<session-signing-secret> \
  -e ThalosIdentity__Secrets__Oidc__Google__ClientId=<google-client-id> \
  -e ThalosIdentity__Secrets__Oidc__Google__Issuer=https://accounts.google.com \
  --name thalos-service agilewebs/thalos-service:dev

Health Probe

  • Path: /health
  • Fallback path: /healthz
  • Port: 8080

Runtime Notes

  • Exposes internal identity runtime endpoint set and gRPC service.
  • Google OIDC claim validation requires ThalosIdentity:Secrets:Oidc:Google:ClientId.