From e4d5e3f6187c23a74a737610ba1f322e09ddcfca Mon Sep 17 00:00:00 2001
From: Masaki Yatsu <yatsu@yatsu.info>
Date: Thu, 2 Oct 2025 15:40:07 +0900
Subject: [PATCH] feat(oauth2-proxy): setting skip auth routes

---
 oauth2-proxy/justfile                              | 3 ++-
 oauth2-proxy/oauth2-proxy-deployment.gomplate.yaml | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/oauth2-proxy/justfile b/oauth2-proxy/justfile
index 96bd50e..f97b272 100644
--- a/oauth2-proxy/justfile
+++ b/oauth2-proxy/justfile
@@ -11,7 +11,7 @@ default:
     @just --list --unsorted --list-submodules
 
 # Setup OAuth2 Proxy for an application
-setup-for-app app_name app_host app_namespace="default" upstream_service="":
+setup-for-app app_name app_host app_namespace="default" upstream_service="" skip_auth_routes="":
     #!/bin/bash
     set -euo pipefail
 
@@ -81,6 +81,7 @@ setup-for-app app_name app_host app_namespace="default" upstream_service="":
     export APP_HOST="{{ app_host }}"
     export APP_NAMESPACE="{{ app_namespace }}"
     export UPSTREAM_SERVICE="${upstream_service}"
+    export SKIP_AUTH_ROUTES="{{ skip_auth_routes }}"
 
     gomplate -f oauth2-proxy-deployment.gomplate.yaml | kubectl apply -f -
     gomplate -f oauth2-proxy-service.gomplate.yaml | kubectl apply -f -
diff --git a/oauth2-proxy/oauth2-proxy-deployment.gomplate.yaml b/oauth2-proxy/oauth2-proxy-deployment.gomplate.yaml
index b238bde..c808215 100644
--- a/oauth2-proxy/oauth2-proxy-deployment.gomplate.yaml
+++ b/oauth2-proxy/oauth2-proxy-deployment.gomplate.yaml
@@ -11,6 +11,11 @@ data:
     redirect_url = "https://{{ .Env.APP_HOST }}/oauth2/callback"
     email_domains = "*"
     reverse_proxy = true
+    {{- if .Env.SKIP_AUTH_ROUTES }}
+    skip_auth_routes = [{{ range $i, $route := (split .Env.SKIP_AUTH_ROUTES ",") }}{{ if $i }},{{ end }}
+      "^{{ $route }}"{{ end }}
+    ]
+    {{- end }}
 
 ---
 apiVersion: apps/v1