-
Notifications
You must be signed in to change notification settings - Fork 7
/
metadata.yaml
executable file
·123 lines (119 loc) · 3.05 KB
/
metadata.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# Copyright 2023 Canonical Ltd.
# See LICENSE file for licensing details.
name: oidc-gatekeeper
summary: OIDC Gatekeeper
description: |
An HTTP Server that an API Gateway (eg Ambassador, Envoy)
asks if an incoming request is authorized.
https://journal.arrikto.com/kubeflow-authentication-with-istio-dex-5eafdfac4782
docs: https://discourse.charmhub.io/t/8237
website: https://charmhub.io/oidc-gatekeeper
source: https://github.com/canonical/oidc-gatekeeper-operator
issues: https://github.com/canonical/oidc-gatekeeper-operator/issues
containers:
oidc-authservice:
resource: oci-image
resources:
oci-image:
type: oci-image
description: 'Backing OCI image'
auto-fetch: true
upstream-source: charmedkubeflow/oidc-authservice:ckf-1.8-58e8217
peers:
client-secret:
interface: client-secret
provides:
oidc-client:
interface: oidc-client
schema:
v1:
provides:
type: object
properties:
id:
type: string
name:
type: string
redirectURIs:
type: array
items:
type: string
secret:
type: string
required:
- id
- name
- redirectURIs
- secret
versions: [v1]
__schema_source: https://raw.githubusercontent.com/canonical/operator-schemas/oidc-schemas/oidc-client.yaml
requires:
dex-oidc-config:
interface: dex-oidc-config
ingress:
interface: ingress
schema:
v2:
requires:
type: object
properties:
service:
type: string
port:
type: integer
namespace:
type: string
prefix:
type: string
rewrite:
type: string
required:
- service
- port
- namespace
- prefix
v1:
requires:
type: object
properties:
service:
type: string
port:
type: integer
prefix:
type: string
rewrite:
type: string
required:
- service
- port
- prefix
versions: [v1]
__schema_source: https://raw.githubusercontent.com/canonical/operator-schemas/service-mesh-schemas/ingress.yaml
ingress-auth:
interface: ingress-auth
schema:
v1:
requires:
type: object
properties:
service:
type: string
port:
type: integer
allowed-request-headers:
type: array
items:
type: string
allowed-response-headers:
type: array
items:
type: string
required:
- service
- port
versions: [v1]
__schema_source: https://raw.githubusercontent.com/canonical/operator-schemas/service-mesh-schemas/ingress-auth.yaml
logging:
interface: loki_push_api
optional: true