From 16dd0b7c55c59bac8cddea9c8684b40704c9ad40 Mon Sep 17 00:00:00 2001
From: Danton Heuer <dantonheuer@outlook.com>
Date: Mon, 10 Feb 2025 23:20:24 -0300
Subject: [PATCH] docs: fix OpenID documentation for helm chart

Minor adjustments in the Helm chart values documentation provide more information that can avoid a few hours of debugging.
---
 charts/penpot/Chart.yaml  | 7 ++++++-
 charts/penpot/README.md   | 6 +++---
 charts/penpot/values.yaml | 8 ++++----
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/charts/penpot/Chart.yaml b/charts/penpot/Chart.yaml
index 08cdf28..a01c574 100644
--- a/charts/penpot/Chart.yaml
+++ b/charts/penpot/Chart.yaml
@@ -30,7 +30,7 @@ annotations:
     - name: support
       url: https://github.com/penpot/penpot-helm/issues
     - name: community
-      url: https://community.penpot.app
+      url: https://community.penpot.appto
     - name: documentation
       url: https://help.penpot.app/
     - name: tutorials
@@ -61,6 +61,11 @@ annotations:
       links:
         - name: GitHub PR 18
           url: https://github.com/penpot/penpot-helm/pull/18
+    - kind: fixed
+      description: Fix documentation related to OpenID integration. Thanks to @danton721
+      links:
+        - name: GitHub PR 21
+          url: https://github.com/penpot/penpot-helm/pull/21
 dependencies:
   - name: postgresql
     version: 15.x.x  # appVersion >= 16.2.0
diff --git a/charts/penpot/README.md b/charts/penpot/README.md
index e0ab4c3..b4664c2 100644
--- a/charts/penpot/README.md
+++ b/charts/penpot/README.md
@@ -119,9 +119,9 @@ helm install my-release -f values.yaml penpot/penpot
 | config.providers.oidc.emailAttribute | string | `""` | Optional OpenID Connect email attribute to use. If not provided, the `email` prop will be used. |
 | config.providers.oidc.enabled | bool | `false` | Whether to enable OIDC configuration. To enable OpenID Connect auth, also add `enable-login-with-oidc` to the flags. |
 | config.providers.oidc.nameAttribute | string | `""` | Optional OpenID Connect name attribute to use. If not provided, the `name` prop will be used. |
-| config.providers.oidc.roles | string | `"role1 role2"` | Optional OpenID Connect roles to use. If no role is provided, roles checking  disabled. |
-| config.providers.oidc.rolesAttribute | string | `""` | Optional OpenID Connect roles attribute to use. If not provided, the roles checking will be disabled. |
-| config.providers.oidc.scopes | string | `"scope1 scope2"` | Optional OpenID Connect scopes to use. This settings allow overwrite the required scopes, use with caution because penpot requres at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`. |
+| config.providers.oidc.roles | string | `"designer developer"` | Optional OpenID Connect roles to use. If no role is provided, role checking is  disabled (default role values are set below, to disable role verification, send an empty string). |
+| config.providers.oidc.rolesAttribute | string | `""` | Optional OpenID Connect roles attribute to use. If not provided, the role checking will be disabled. |
+| config.providers.oidc.scopes | string | `"scope1 scope2"` | Optional OpenID Connect scopes to use. These settings allow overwriting the required scopes, use with caution because penpot requires at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`. |
 | config.providers.oidc.tokenURI | string | `""` | Optional OpenID Connect token URI to use. Auto discovered if not provided. |
 | config.providers.oidc.userURI | string | `""` | Optional OpenID Connect user URI to use. Auto discovered if not provided. |
 | config.providers.secretKeys.githubClientIDKey | string | `""` | The GitHub client ID key to use from an existing secret. |
diff --git a/charts/penpot/values.yaml b/charts/penpot/values.yaml
index 82ee3a5..022a232 100644
--- a/charts/penpot/values.yaml
+++ b/charts/penpot/values.yaml
@@ -247,13 +247,13 @@ config:
       # -- Optional OpenID Connect user URI to use. Auto discovered if not provided.
       # @section -- Configuration parameters
       userURI: ""
-      # -- Optional OpenID Connect roles to use. If no role is provided, roles checking  disabled.
+      # -- Optional OpenID Connect roles to use. If no role is provided, role checking is  disabled (default role values are set below, to disable role verification, send an empty string).
       # @section -- Configuration parameters
-      roles: "role1 role2"
-      # -- Optional OpenID Connect roles attribute to use. If not provided, the roles checking will be disabled.
+      roles: "designer developer"
+      # -- Optional OpenID Connect roles attribute to use. If not provided, the role checking will be disabled.
       # @section -- Configuration parameters
       rolesAttribute: ""
-      # -- Optional OpenID Connect scopes to use. This settings allow overwrite the required scopes, use with caution because penpot requres at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`.
+      # -- Optional OpenID Connect scopes to use. These settings allow overwriting the required scopes, use with caution because penpot requires at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`.
       # @section -- Configuration parameters
       scopes: "scope1 scope2"
       # -- Optional OpenID Connect name attribute to use. If not provided, the `name` prop will be used.