search

Kuadrant / kuadrantctl

Kuadrant configuration command line utility
Apache License 2.0
6 stars 13 forks source link

generate kuadrant authconfig #37

Closed eguzki closed 2 years ago

eguzki commented 2 years ago

New command to generate AuthConfig objects from your OpenAPI spec.

kuadrantctl generate kuadrant authconfig

Running example:

Using the following OpenAPI spec that contains three operations:

The generated AuthConfig would be:

kind: AuthConfig
apiVersion: authorino.kuadrant.io/v1beta1
metadata:
  name: petstoreapi
  creationTimestamp: null
spec:
  hosts:
    - example.io
  identity:
    - name: postCat
      when:
        - selector: context.request.http.path.@extract:{"sep":"/"}
          operator: eq
          value: /cat
        - selector: context.request.http.method.@case:lower
          operator: eq
          value: post
      credentials:
        in: header
        keySelector: api_key
      apiKey:
        labelSelectors:
          app: petstoreapi
          authorino.kuadrant.io/managed-by: authorino
    - name: getDog
      when:
        - selector: context.request.http.path.@extract:{"sep":"/"}
          operator: eq
          value: /dog
        - selector: context.request.http.method.@case:lower
          operator: eq
          value: get
      credentials:
        keySelector: ""
      oidc:
        endpoint: http://example.org/auth/realms/myrealm
status:
  ready: false
  numIdentitySources: 0
  numMetadataSources: 0
  numAuthorizationPolicies: 0
  numResponseItems: 0
  festivalWristbandEnabled: false
maleck13 commented 2 years ago

@eguzki tried out the example and looks good. One thing is it created a status block in the authconfig is that expected?

codecov-commenter commented 2 years ago

Codecov Report

Merging #37 (780d7e9) into generate-istiointegration (94ec0aa) will decrease coverage by 0.78%. The diff coverage is 21.42%.

Impacted file tree graph

@@                      Coverage Diff                      @@
##           generate-istiointegration      #37      +/-   ##
=============================================================
- Coverage                      30.39%   29.60%   -0.79%     
=============================================================
  Files                             19       21       +2     
  Lines                           1020     1118      +98     
=============================================================
+ Hits                             310      331      +21     
- Misses                           659      733      +74     
- Partials                          51       54       +3
Impacted Files Coverage Δ
cmd/generate_kuadrant_authconfig.go 11.49% <11.49%> (ø)
cmd/generate.go 100.00% <100.00%> (ø)
cmd/generate_kuadrant.go 100.00% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 94ec0aa...780d7e9. Read the comment docs.

eguzki commented 2 years ago

@eguzki tried out the example and looks good. One thing is it created a status block in the authconfig is that expected?

Because the .status is an embbeded struct which 0 value is still serialized even though it has the json tag omitempty.

It should no do any harm to create the object with the .status field, as the controller should update it always based on the current state.

There is a way to have the CLI remove the status field. After serialization, unserialize with unstructured types (maps and lists), then, remove the status with a delete(authConfigMap, "status") and then serialize again. I do not think it is really needed. Let me know if it is convenient for you.

eguzki commented 2 years ago

Thanks for the reviews.

This PR can be merged after #36