Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

THREESCALE-10519 - OAS without security section, while OpenAPI CR contains oidc section #898

Merged
merged 1 commit into from Dec 8, 2023
Merged

THREESCALE-10519 - OAS without security section, while OpenAPI CR contains oidc section #898

merged 1 commit into from Dec 8, 2023

Conversation

valerymo
Copy link
Contributor

@valerymo valerymo commented Nov 30, 2023
edited

Jira: https://issues.redhat.com/browse/THREESCALE-10519

This is a minor fix for OIDC PR #837

Before - if OpenAPI CR contains oidc section , but OAS (swagger produc source file) is without security section - Info message appear in Operator log, as implemented here:
https://github.com/3scale/3scale-operator/blob/master/controllers/capabilities/openapi_controller.go#L403-L406
Fix: add
Now - added warning to Openapi CR, as in log below:

$ oc describe openapis openapi-example 
Name:         openapi-example
Namespace:    3scale-test
Labels:       <none>
Annotations:  <none>
API Version:  capabilities.3scale.net/v1beta1
Kind:         OpenAPI
Metadata:
  Creation Timestamp:  2023-11-29T10:57:00Z
  Generation:          1
  Managed Fields:
    API Version:  capabilities.3scale.net/v1beta1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
    .......
........
    Time:            2023-11-29T10:57:07Z
  Resource Version:  2413952
  UID:               93e91922-fd97-4393-943f-40fd0426c855
Spec:
  Oidc:
    Issuer Type:  keycloak
  Openapi Ref:
    URL:            https://raw.githubusercontent.com/OAI/OpenAPI-Specification/master/examples/v3.0/petstore.yaml
  Prefix Matching:  true
Status:
  Backend Resource Names:
    Name:  swaggerpetstore-93e91922-fd97-4393-943f-40fd0426c855
  Conditions:
......
    Last Transition Time:  2023-11-29T10:57:07Z
    Status:                True
    Type:                  Ready
  Observed Generation:     1
  Product Resource Name:
    Name:                 swaggerpetstore-93e91922-fd97-4393-943f-40fd0426c855
  Provider Account Host:  https://3scale-admin.apps.vmo01.mjhc.s1.devshift.org
Events:
  Type     Reason                                     Age    From     Message
  ----     ------                                     ----   ----     -------
  Warning  No security requirements are found in OAS  8m57s  OpenAPI  OIDC definitions in CR will be ignored, as no security requirements are found. Default to UserKey authentication

Validation

apiVersion: capabilities.3scale.net/v1beta1
kind: OpenAPI
metadata:
  generation: 1
  name: openapi-example
spec:
  oidc:
    issuerType: keycloak
  openapiRef:
    url: https://raw.githubusercontent.com/OAI/OpenAPI-Specification/master/examples/v3.0/petstore.yaml
  prefixMatching: true

@valerymo valerymo requested a review from a team as a code owner November 30, 2023 09:08
@codeclimate CodeClimate
Copy link

codeclimate bot commented Nov 30, 2023

Code Climate has analyzed commit 597bf2d and detected 0 issues on this pull request.

View more on Code Climate.

@valerymo valerymo changed the title THREESCALE-10519 - OAS without security section THREESCALE-10519 - OAS without security section, while OpenAPI CR contains oidc section Nov 30, 2023
@MStokluska
Copy link
Contributor

/lgtm

Merging this as a temporary measure to improve logging of the warning. More improvements to come as part of another Jiras.

@MStokluska MStokluska merged commit 3676245 into 3scale:master Dec 8, 2023
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@valerymo @MStokluska