Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add CRD schema docs and examples for the openshift auth settings #648

Closed
wants to merge 1 commit into from
Closed

add CRD schema docs and examples for the openshift auth settings #648

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 4 additions & 0 deletions crd-docs/cr/kiali.io_v1alpha1_kiali.yaml
View file
Open in desktop
Expand Up @@ -51,9 +51,13 @@ spec:
username_claim: "sub"
openshift:
auth_timeout: 10
#client_id:
client_id_prefix: "kiali"
#custom_ca:
server_prefix: "https://kubernetes.default.svc/"
#token_inactivity_timeout:
#token_max_age:
use_system_ca: false

# default: custom_dashboards is an empty list
custom_dashboards:
Expand Down
14 changes: 13 additions & 1 deletion crd-docs/crd/kiali.io_kialis.yaml
View file
Open in desktop
Expand Up @@ -187,15 +187,27 @@ spec:
auth_timeout:
description: "The amount of time in seconds Kiali will wait for a response from the OpenShift API server when requesting authentication results."
type: integer
client_id:
description: "The full client ID used to identify the OAuth client. If specified, client_id_prefix is ignored."
type: string
client_id_prefix:
description: "The Route resource name and OAuthClient resource name will have this value as its prefix. This value normally should never change. The installer will ensure this value is set correctly."
description: "The Route resource name and OAuthClient resource name will have this value as its prefix. This value normally should never change. The installer will ensure this value is set correctly. This is ignored if client_id is specified."
type: string
custom_ca:
description: "When set, this is the base64-encoded CA cert used for OpenShift OAuth. When set, use_system_ca is ignored."
type: string
server_prefix:
description: "The protocol://hostname/ used to communicate with the OpenShift cluster during OAuth handshake. Default is `https://kubernetes.default.svc/`."
type: string
token_inactivity_timeout:
description: "Timeout that overrides the default OpenShift token inactivity timeout. This value represents the maximum amount of time in seconds that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. If 0, the Kiali tokens never timeout. OpenShift may have a minimum allowed value - see the OpenShift documentation specific for the version of OpenShift you are using. WARNING: existing tokens will not be affected by changing this setting."
type: integer
token_max_age:
description: "A time duration in seconds that overrides the default OpenShift access token max age. If 0 then there will be no expiration of tokens."
type: integer
use_system_ca:
description: "When false, the Kiali serviceaccount CA is used during OpenShift OAuth. When true, the system CA is used. This is ignored if custom_ca is specified. Default is `false`."
type: boolean

custom_dashboards:
description: |
Expand Down