From a1beb18116e40e293aaa44b3cb53c84ef7c47107 Mon Sep 17 00:00:00 2001 From: dd di cesare Date: Tue, 20 Dec 2022 23:28:33 +0100 Subject: [PATCH] [bundle] Updated bundle --- ...adrant-operator.clusterserviceversion.yaml | 124 +++++++++++++++++- 1 file changed, 120 insertions(+), 4 deletions(-) diff --git a/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml b/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml index 41fb79bf2..d2b981138 100644 --- a/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml +++ b/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml @@ -4,6 +4,57 @@ metadata: annotations: alm-examples: |- [ + { + "apiVersion": "kuadrant.io/v1beta1", + "kind": "AuthPolicy", + "metadata": { + "name": "toystore" + }, + "spec": { + "authScheme": { + "identity": [ + { + "apiKey": { + "allNamespaces": true, + "selector": { + "matchLabels": { + "app": "toystore" + } + } + }, + "credentials": { + "in": "authorization_header", + "keySelector": "APIKEY" + }, + "name": "friends" + } + ], + "response": [ + { + "json": { + "properties": [ + { + "name": "userID", + "valueFrom": { + "authJSON": "auth.identity.metadata.annotations.secret\\.kuadrant\\.io/user-id" + } + } + ] + }, + "name": "rate-limit-apikey", + "wrapper": "envoyDynamicMetadata", + "wrapperKey": "ext_auth_data" + } + ] + }, + "rules": null, + "targetRef": { + "group": "gateway.networking.k8s.io", + "kind": "HTTPRoute", + "name": "toystore" + } + } + }, { "apiVersion": "kuadrant.io/v1beta1", "kind": "Kuadrant", @@ -11,6 +62,61 @@ metadata: "name": "kuadrant-sample" }, "spec": {} + }, + { + "apiVersion": "kuadrant.io/v1beta1", + "kind": "RateLimitPolicy", + "metadata": { + "name": "toystore" + }, + "spec": { + "rateLimits": [ + { + "configurations": [ + { + "actions": [ + { + "metadata": { + "default_value": "no-user", + "descriptor_key": "userID", + "metadata_key": { + "key": "envoy.filters.http.ext_authz", + "path": [ + { + "segment": { + "key": "ext_auth_data" + } + }, + { + "segment": { + "key": "userID" + } + } + ] + } + } + } + ] + } + ], + "limits": [ + { + "conditions": [], + "maxValue": 2, + "seconds": 10, + "variables": [ + "userID" + ] + } + ] + } + ], + "targetRef": { + "group": "gateway.networking.k8s.io", + "kind": "HTTPRoute", + "name": "toystore" + } + } } ] capabilities: Basic Install @@ -26,7 +132,9 @@ spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - kind: AuthPolicy + - description: Enable AuthN and AuthZ based access control on workloads + displayName: AuthPolicy + kind: AuthPolicy name: authpolicies.kuadrant.io version: v1beta1 - description: Kuadrant is the Schema for the kuadrants API @@ -34,11 +142,13 @@ spec: kind: Kuadrant name: kuadrants.kuadrant.io version: v1beta1 - - kind: RateLimitPolicy + - description: Enable access control on workloads based on HTTP rate limiting + displayName: RateLimitPolicy + kind: RateLimitPolicy name: ratelimitpolicies.kuadrant.io version: v1beta1 - description: Kuadrant Operator - displayName: Kuadrant + description: A Kubernetes Operator to manage the lifecycle of the Kuadrant system + displayName: Kuadrant Operator icon: - base64data: iVBORw0KGgoAAAANSUhEUgAAAMgAAADICAIAAAAiOjnJAAAHCklEQVR4nOzc72tWdQPH8e+tm/ecXGNO77mb3beZLgtkDxpCgT4IBBFqJT1YRqFS5oMS/BG5ioqhUc3IFKwHpqHSg9qDsCwIQeiBQoEotISyzcwa6bI5Nlyms8X4Lp1u1zzXub6f8/2ea+/XH3DO58GbXeec69opGhgYMIBrE3wPQGEiLEgQFiQICxKEBQnCggRhQYKwIEFYkCAsSBAWJAgLEoQFCcKCBGFBgrAgQViQICxIEBYkCAsShAUJwoIEYUGCsCBBWJAgLEgQFiQICxKEBQnCggRhQYKwIEFYkCAsSBAWJAgLEoQFCcKCBGFBgrAgQViQICxIEBYkCAsShAUJwoIEYUGCsCBR5HtAJI89uqytvT2fI2zetHnxkiXuFgn1d3eead44s3FLUXml7y3xpSOstvb24998m88Rurq63M0R6u/uPPlkw6VjZy+dbJi7uyW9bfFRGJBrVRljLh07++Mrz/heFB9hhWJ4VVbvgdZTL6z0Oio+wgrCyKqs7g+/+mX7855G5YWw/MtWldW5bf/5lh2Jj8oXYXk2dlVWR/POvtbDCY5ygLB8ilKVMeZq1+X2Dev7uzuT2uUAYXkTsSrrSltv+/o0XcgTlh85VWVd/PLUufdfU45yibA8iFGV1bF5X1outggraX2th+NVZZ1uesn1IgnCSlRf6+EfVj4duyr7RD4VT7YIKzm2qqtdl/M8Tue2/X/+dMLRKBXCSoirqqzTTc85OY4OYSXBbVX2DrH7iw9cHU2BsOScV2X9/NZ2twd0i7C0RFXZR6Yhf4dIWEK6qqyO5p3Bfs9DWCrqqux3iGf3btUdPx+EJZFAVdaFzw6pTxEPYbmXWFUhX2kRlmNJVmX9+t7exM4VHWG5lHxV9o9Wz5EDSZ4xCsJyxktV1rmP9iV/0rERlhseq7L/zxPacwfCcsBvVdbvH+/yePaRCCtfIVQ1GNbnB/0OuAlh5SWQquzvtIL6LQ1hxRdOVVb3oU98T7iOsGIKrarQPg0JK44Aq7KfhuHcGxJWzsKsyuo+2OJ7whDCyk3IVRljeo4f9T1hCGHl4HzLju8eXBVsVcaYi0dDuTEkrKjOt+w40xji7wiGu9LWG8hlFmFFkoqqrL4TX/ueYAgrkhRVNXiZdfSI7wmGsG4tXVUZY/7I7/XSrhDWWFJX1eBlVsdvvicYwhpLGquyj0l9TzCElVVKq7JCeNURYY0i1VUZY/p7LvieQFgjpL2qwev371t9TyCsGxVAVYPX7709vicQ1jCFUVUgCGtIIVUVwqMswjIFVpUx5q/ei74nEFbBVRWI8R4WVYmM67CoSmdchwWdcR3W9IY1M5vX+F5RmMZ1WLSlM97Doi0RwjKF19aEzBTfEwjrH4XU1uQ5c3xPIKxhCqkt7wjrBoXRVnGmzPcEwhqhANqafGet7wmENZq0t1VUNtX3BMLKItVtldYu9D2BsLJLaVsldVW+JxjCuoU0tlVc/R/fEwxh3Vrq2grhIRZhRZKutsrmL/A9wRBWVClqq3TePb4nGMLKQSraKq7JFJVX+l5hCCs30xvW3PXprokVk3wPyWrK/Hm+JwwhrNyU1i68Y8+7wbZVdvd83xOGEFbOQm6rfHGD7wlDCCuOMNsqqasK5AKLsOILsK1p9y/2PeE6woovtLbKFz3ke8J1hJWXcNoqqav6922h3BISlgOBtBXU5yBhuRFCW9MeXuXx7CMRlht+28rU14ZzP2gRljMe25rxyPLkTzo2wnLJS1vFNZmyBfVJnjEKwnIs+bb++9SKxM4VHWG5l2RbxTWZ6Q0h/uaCsCQSa2vqA4vUp4iHsFQSaGtixaSqFRt0x88HYQmp26puXB3aU4ZrCEtL11awV1cWYcmJ2vr/s2vdHtAtwkqC87am3De7fMnjro6mQFgJcdvWrKY3nRxHh7CS46qtynVLg/qFzKgIK1G2rXxer1BSV/W/tW84HSVBWEkrrV04d3dL7LZmNb3qepEEYXlQVF4Zr63ql5eH8IqiKAjLjxhtZeprZzzxonKUS4TlTU5tFddkbt/0jn6UM4TlU8S2JlZMmrP17WC/vRkVYXkWpa3qxtVpubS6hrD8G7utynVLQ/5OMBvCCkK2tsqX3ZuKp1YjEVYoRraVqa+d/foer6PiI6yADG+rpK4qXbeBNynyPSCSmrxf2FpRUeFoi5Zt60zzxpmNW9J1G3iTfw0MDPjegALERyEkCAsShAUJwoIEYUGCsCBBWJAgLEgQFiQICxKEBQnCggRhQYKwIEFYkCAsSBAWJAgLEoQFCcKCBGFBgrAgQViQICxIEBYkCAsShAUJwoIEYUGCsCBBWJAgLEgQFiQICxKEBQnCggRhQYKwIEFYkCAsSBAWJAgLEoQFCcKCBGFBgrAgQViQICxI/B0AAP//uLJ9vDn6iowAAAAASUVORK5CYII= mediatype: image/png @@ -479,6 +589,12 @@ spec: - api - api-management - Kuadrant + - kubernetes + - openshift + - cloud-service-protection + - rate-limiting + - authentication + - authorization links: - name: Kuadrant Operator url: https://github.com/Kuadrant/kuadrant-operator