It cannot require 'value' or the conversion will fail when the value is an empty string (due to JSON marshalling/unmarshalling involved).

- Let the Operator deploy the default conversion webhook service
- Substitute the webhook image with the one built locally
- Keep the patches to the AuthConfig CRD performed by the Operator to activate the webhook before re-applying the CRD with local changes

…maps

This field is required and therefore should be set as the Kube API server would – i.e. not as nil, but with an empty array when it has no elements.

… API

…efix

…|callbacks).http.insecure

…olicy HTTP settings

This reverts commit b556c26.

| User guide                                                                             | File                                                                       |
|----------------------------------------------------------------------------------------|----------------------------------------------------------------------------|
| Anonymous access                                                                       | `docs/user-guides/anonymous-access.md`                                     |
| Authentication with API keys                                                           | `docs/user-guides/api-key-authentication.md`                               |
| Authenticated rate limiting (with Envoy Dynamic Metadata)                              | `docs/user-guides/authenticated-rate-limiting-envoy-dynamic-metadata.md`   |
| Integration with Authzed/SpiceDB                                                       | `docs/user-guides/authzed.md`                                              |
| Caching                                                                                | `docs/user-guides/caching.md`                                              |
| Redirecting to a login page                                                            | `docs/user-guides/deny-with-redirect-to-login.md`                          |
| Edge Authentication Architecture (EAA)                                                 | `docs/user-guides/edge-authentication-architecture-festival-wristbands.md` |
| Mixing Envoy built-in filter for auth and Authorino                                    | `docs/user-guides/envoy-jwt-authn-and-authorino.md`                        |
| Fetching auth metadata from external sources                                           | `docs/user-guides/external-metadata.md`                                    |
| Host override via context extension                                                    | `docs/user-guides/host-override.md`                                        |
| HTTP "Basic" Authentication (RFC 7235)                                                 | `docs/user-guides/http-basic-authentication.md`                            |
| Injecting data in the request                                                          | `docs/user-guides/injecting-data.md`                                       |
| Simple pattern-matching authorization policies                                         | `docs/user-guides/json-pattern-matching-authorization.md`                  |
| Authorization with Keycloak Authorization Services                                     | `docs/user-guides/keycloak-authorization-services.md`                      |
| Kubernetes RBAC for service authorization (SubjectAccessReview API)                    | `docs/user-guides/kubernetes-subjectaccessreview.md`                       |
| Authentication with Kubernetes tokens (TokenReview API)                                | `docs/user-guides/kubernetes-tokenreview.md`                               |
| Authentication with X.509 certificates and Mutual Transport Layer Security (mTLS)      | `docs/user-guides/mtls-authentication.md`                                  |
| OAuth 2.0 token introspection (RFC 7662)                                               | `docs/user-guides/oauth2-token-introspection.md`                           |
| OpenID Connect Discovery and authentication with JWTs                                  | `docs/user-guides/oidc-jwt-authentication.md`                              |
| OpenID Connect (OIDC) and Role-Based Access Control (RBAC) with Authorino and Keycloak | `docs/user-guides/oidc-rbac.md`                                            |
| OpenID Connect UserInfo                                                                | `docs/user-guides/oidc-user-info.md`                                       |
| Open Policy Agent (OPA) Rego policies                                                  | `docs/user-guides/opa-authorization.md`                                    |
| Passing credentials (`Authorization` header, cookie headers and others)                | `docs/user-guides/passing-credentials.md`                                  |
| Resource-level authorization with User-Managed Access (UMA) resource registry          | `docs/user-guides/resource-level-authorization-uma.md`                     |
| Reducing the operational space                                                         | `docs/user-guides/sharding.md`                                             |
| Token normalization                                                                    | `docs/user-guides/token-normalization.md`                                  |
| Using Authorino as ValidatingWebhook service                                           | `docs/user-guides/validating-webhook.md`                                   |

…ng and RawExtension back and forth as json

…to authconfig v1beta1

…new Authorino Operator install script

…a)' user guide

…e to avoid shell command issues

…rapped within quotes to avoid auto-escaping when pasting in a few terminals