Add {Peer,Request}Authentication objects to Create Istio Config #1804
Add {Peer,Request}Authentication objects to Create Istio Config #1804
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lucasponce wdyt, from UX perspective, is't it better to disable Create button when Add Workload Selector and Add Port MTLS are checked but no values are given?
+1 |
Please add regex check on RequestAuthentication name to disable the Create button if the name is wrong. |
@hhovsepy yes, you are right, I'm going to incorporate these validations, also extend them to |
Mmm in the form it's showed as "Header: value, Header2: value2", but when you create the yaml should be created as an object. It's just visualization in the form is simpler just to match the pattern used by curl or similar. I'll add helper text describing the format, and a validation there. |
@hhovsepy @xeviknal I have addressed most of the validations and comments. Basically I refactored the IstioConfigNewPage to have a common pattern. There is a pending work I'm reviewing, as Gateways have changed in Istio 1.6 and scenarios with https doesn't work well in the IstioConfig form and wizards, but I will probably send that in a separate PR to not increase this one without context. Please, let me know if it works ok, @hhovsepy @xeviknal take care of all types, probably I may introduce some regression as the changes were important. Thanks |
660e28c
to
072df14
Compare
072df14
to
b0bd305
Compare
+1 It happens to other builders that use the same technique to remove available fields from a select. |
I see that the |
I can still see 2 problems:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Small comment added. LGTM besides that :)
All my issues are fixed, thank @lucasponce . |
That is expected, JWT Rule Builder can create 1 to many JWT Rules. Each JWT Rule should have an issuer. Any row in the JWT Rules List is a JWT Rule that must have an issuer field. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Verified.
Verified also fix of: kiali/kiali#2694 |
…i#1804) * Add {Peer,Request}Authentication objects to Create Istio Config * Fix correct iteration method * Fix PeerAuthentication state * Refactor IstioConfigNewPage for better place of validations * Fix linter * PeerAuthentication validations * Add RequestAuthentication validation * Prettier fixes * Fix ci errors * Address Hayk and Xavi's comments * Fix jwks and formatOriginalToken issues * Fix debug console logs
…ig (#1807) * Add {Peer,Request}Authentication objects to Create Istio Config (#1804) * Add {Peer,Request}Authentication objects to Create Istio Config * Fix correct iteration method * Fix PeerAuthentication state * Refactor IstioConfigNewPage for better place of validations * Fix linter * PeerAuthentication validations * Add RequestAuthentication validation * Prettier fixes * Fix ci errors * Address Hayk and Xavi's comments * Fix jwks and formatOriginalToken issues * Fix debug console logs * Adjust prettier to v1.18 style
This PR adds support to PeerAuthentication and RequestAuthentication objects in Create New IstioConfig.
Now together with AuthorizationPolicy, Kiali should be able to create all type of Security scenarios.
Requires kiali/kiali#2797
How to test:
Fixes kiali/kiali#2797
Fixes kiali/kiali#2685
Fixes kiali/kiali#2694