From 07934c896b86045912247b977295fff25142a71f Mon Sep 17 00:00:00 2001
From: Michael Borland <98965906+mkborland@users.noreply.github.com>
Date: Tue, 19 Nov 2024 17:08:30 -0600
Subject: [PATCH] feat: add ability to set user groups for access (#169)

---
 chart/templates/uds-package.yaml | 7 +++++++
 chart/values.yaml                | 1 +
 2 files changed, 8 insertions(+)

diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml
index 33fff11d..27149464 100644
--- a/chart/templates/uds-package.yaml
+++ b/chart/templates/uds-package.yaml
@@ -30,6 +30,13 @@ spec:
         - "email"
         {{ end }}
       {{- end }}
+      groups:
+        anyOf:
+        {{- if .Values.sso.requiredGroups }}
+          {{- range .Values.sso.requiredGroups }}
+            - "{{ . }}"
+          {{- end }}
+        {{- end }}
 
       secretName: {{ .Values.sso.secretName }}
       secretTemplate:
diff --git a/chart/values.yaml b/chart/values.yaml
index 8daf03ad..c5b8032b 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -38,6 +38,7 @@ sso:
 
   # This will replace the current list of default client scopes.
   defaultClientScopes: []
+  requiredGroups: []
 
   # These should typically be disabled if SSO is enabled
   enable_sign_up_with_email: false