Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User info fetcher #433

Merged
merged 119 commits into from Jan 4, 2024
Merged

User info fetcher #433

Show file tree
Hide file tree
Changes from 118 commits
Commits
Show all changes
119 commits
Select commit Hold shift + click to select a range
455bdc4
Add group fetcher container
nightkr Apr 12, 2023
63ee375
Spike group fetcher functionality
nightkr Apr 12, 2023
bca2d62
Rename group fetcher to user info fetcher
nightkr Apr 12, 2023
9c1098c
Generalize enrichment endpoints to have room for arbitrary user info
nightkr Apr 12, 2023
8b28fd4
Expose user roles
nightkr Apr 12, 2023
a5bbe88
Make UIF configurable
nightkr Oct 2, 2023
08823b7
Make UIF credentials configurable too
nightkr Oct 2, 2023
412e542
OPA 0.45 -> 0.51
nightkr Oct 2, 2023
22507d0
Broke out UIF into its own crate
nightkr Oct 2, 2023
cffa188
UIF error handling
nightkr Oct 3, 2023
c74b6d9
Ingest custom attributes
nightkr Oct 3, 2023
1ef78e8
Shut down on SIGTERM
nightkr Oct 19, 2023
67e411f
Split keycloak backend out into separate module
nightkr Oct 20, 2023
eb134b7
Fix UIF startup when using none backend
nightkr Oct 20, 2023
fb6da54
Rename GroupMembershipRequest to UserInfoRequest
nightkr Oct 20, 2023
f298e0b
Cache fetched UserInfo
nightkr Oct 23, 2023
b1644e4
Merge branch 'main' into spike/user-info-fetcher
nightkr Oct 23, 2023
3d160ca
Switch UIF to also use workspace dependencies
nightkr Oct 23, 2023
a4f495d
Configurable UIF cache ttl
nightkr Oct 23, 2023
57b45c7
UIF crate metadata
nightkr Oct 23, 2023
20e585c
Move userInfo rule into helm chart
nightkr Oct 23, 2023
05df3cb
Turn UIF custom attributes into a multidict
nightkr Oct 24, 2023
2c511e4
UIF smoke test
nightkr Oct 25, 2023
23a55c6
Remove rules from Helm chart until we have a better way to deploy them
nightkr Oct 25, 2023
8c45dc1
Lint-b-gone
nightkr Oct 25, 2023
0cdbfd3
Update CRD
nightkr Oct 25, 2023
fc7de76
UIF readme
nightkr Oct 25, 2023
0a684d9
SNAFU error for UIF config
nightkr Oct 25, 2023
3aceb68
Revert Cmd wrapper enum
nightkr Oct 25, 2023
65934ee
docs
nightkr Oct 25, 2023
118e40e
Rename userInfoFetcher config group to userInfo
nightkr Nov 9, 2023
4d3613f
Allow users to disable user-info-fetcher for now
nightkr Nov 9, 2023
90a228d
Fetch users by userID (coming from sub) instead of userName
sbernauer Nov 15, 2023
d85800c
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
sbernauer Nov 16, 2023
8db6fc6
Rework to use URL crate and change CRD to reflect AuthClass design
sbernauer Nov 16, 2023
ff79649
Implement https ca cert handling
sbernauer Nov 16, 2023
a4c1b19
Use clientCredentials for authentication
sbernauer Nov 16, 2023
cb1f424
charts
sbernauer Nov 17, 2023
ed6b624
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
sbernauer Nov 20, 2023
af77604
fix compilation
sbernauer Nov 20, 2023
a2b9545
feat: lookup users by name
NickLarsenNZ Nov 20, 2023
a51bb22
feat: Always return userId and userName
sbernauer Nov 21, 2023
d674213
refactor:
NickLarsenNZ Nov 21, 2023
44c0223
Merge remote-tracking branch 'origin/spike/user-info-fetcher-alternat…
NickLarsenNZ Nov 21, 2023
b7c04b8
refactor: make response names consistent with their usage in the requ…
NickLarsenNZ Nov 21, 2023
3d7f1c9
docs: remove already documented keycloak api quirks
NickLarsenNZ Nov 21, 2023
0c17b1f
update operator-rs
sbernauer Nov 23, 2023
ee405c0
update operator-rs
sbernauer Nov 23, 2023
6180fef
refactor: change user_id and user_name to id and username
NickLarsenNZ Nov 23, 2023
6018bb7
refactor: rename user_id and user_name to id and username for respons…
NickLarsenNZ Nov 23, 2023
94a5d8f
refactor: fix remaining user_id,user_name to id,username replacements
NickLarsenNZ Nov 23, 2023
4798c0d
update operator-rs
sbernauer Nov 27, 2023
21557f8
remove unused metadata from kuttl resources
NickLarsenNZ Nov 27, 2023
47dc650
add empty principal_claim
NickLarsenNZ Nov 27, 2023
2c26e50
wip almost working, test script needs work
NickLarsenNZ Nov 30, 2023
488ede1
console logging (currently warn) on error
NickLarsenNZ Nov 30, 2023
e6b5f7b
add todos
NickLarsenNZ Nov 30, 2023
45440aa
fix: Use dedicated SecretClass for Keycloak
sbernauer Nov 30, 2023
3092b75
tests probably pass now
NickLarsenNZ Nov 30, 2023
82d62f6
docs: Add skeleton
sbernauer Nov 30, 2023
8f7d1ba
docs: Improve
sbernauer Nov 30, 2023
61e58b2
docs: Remove uif from first steps example
sbernauer Nov 30, 2023
46b1aa1
docs: fix link
sbernauer Nov 30, 2023
c4ffb57
typo
NickLarsenNZ Nov 30, 2023
e81caeb
fix existing links
NickLarsenNZ Nov 30, 2023
115f10b
docs: fix include
NickLarsenNZ Nov 30, 2023
c48b8a0
docs: user-info-fetcher usage
NickLarsenNZ Nov 30, 2023
381ac91
Add namespace to image env var
nightkr Dec 1, 2023
cb0c5e2
bump
sbernauer Dec 4, 2023
0c24a00
charts
sbernauer Dec 4, 2023
16fd9ef
bump
sbernauer Dec 4, 2023
a97298f
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
sbernauer Dec 4, 2023
c7fac34
fix version
sbernauer Dec 4, 2023
873f72a
fix verion
sbernauer Dec 4, 2023
fa5b65c
Use operator-rs 0.58.0
sbernauer Dec 5, 2023
87cd2c4
revert tutuorial change
sbernauer Dec 5, 2023
5000c59
revert language to rego. If that fails build, will revert to text
NickLarsenNZ Dec 5, 2023
ed4ab7c
improve docs
sbernauer Dec 5, 2023
e2b5ad3
fix linting errrors in test script
NickLarsenNZ Dec 7, 2023
0970513
fix typos in docs
NickLarsenNZ Dec 7, 2023
c455da6
add trailing newline
NickLarsenNZ Dec 7, 2023
c0480d0
remove user-info-fetcher docs from nav
NickLarsenNZ Dec 7, 2023
7b5af1f
improve todo markers
sbernauer Dec 11, 2023
ff6881a
remove todo marker
sbernauer Dec 11, 2023
dc863fc
Use opa product image for UIF container
sbernauer Dec 11, 2023
68643fe
fix: Adopt to new binary name
sbernauer Dec 11, 2023
04b6953
remove unused structs
sbernauer Dec 11, 2023
c8a7b32
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
sbernauer Dec 12, 2023
cf7e82b
revert changes that are now covered by operator-templating
sbernauer Dec 12, 2023
88c0e35
rename variables: user_name to username
NickLarsenNZ Dec 13, 2023
2f49ca2
fix lint
NickLarsenNZ Dec 13, 2023
e44102d
rename credential fields to be specific to client_credentials auth
NickLarsenNZ Dec 13, 2023
cd7920d
fix: Remove uneeded Debug derive
sbernauer Dec 18, 2023
c26bb0c
ensure no more than one user is returned
NickLarsenNZ Dec 18, 2023
59f1060
remove unwrap and fix snafus
NickLarsenNZ Dec 18, 2023
ab945d2
cast error
NickLarsenNZ Dec 18, 2023
f1b5332
remove unnecessary clones
NickLarsenNZ Dec 18, 2023
3e8a00d
use cloned()
NickLarsenNZ Dec 18, 2023
fcbc5ea
refactor: Unify user_info container creation
sbernauer Dec 19, 2023
515d3f6
refactor: Merge imports
sbernauer Dec 19, 2023
6610346
Create UIF container builder only when needed
Techassi Dec 19, 2023
33e8893
improve error messages
NickLarsenNZ Dec 19, 2023
930f58e
Bump operator-rs, integrate KVP changes
Techassi Dec 19, 2023
c20baa1
handle volume and mounts error result
NickLarsenNZ Dec 19, 2023
1453284
adjust error message
NickLarsenNZ Dec 19, 2023
6a401de
regenerate charts
NickLarsenNZ Dec 19, 2023
6dcc44c
revert Use opa product image for UIF container
NickLarsenNZ Dec 19, 2023
28f324a
add comments about the user_info_fetcher image
NickLarsenNZ Dec 19, 2023
2d154d3
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
NickLarsenNZ Dec 20, 2023
25eca91
pin the operator-rs version
NickLarsenNZ Dec 20, 2023
41b9528
Bump op-rs to 0.59.0 and remove legacy nodeSelector
sbernauer Dec 21, 2023
3a0511f
charts
sbernauer Dec 21, 2023
3e56cf7
fix ref to PR in changelog
NickLarsenNZ Dec 21, 2023
10f2fb9
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
sbernauer Jan 2, 2024
0021560
fix: Update binary name
sbernauer Jan 2, 2024
7bdabe1
fix(test): PullPolicy
sbernauer Jan 3, 2024
68da431
Update rust/user-info-fetcher/Cargo.toml
sbernauer Jan 3, 2024
70c19b8
Merge remote-tracking branch 'origin/main' into spike/user-info-fetcher
sbernauer Jan 3, 2024
8deabd0
fix chagelog PR reference
NickLarsenNZ Jan 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
10 changes: 10 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Expand Up @@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.

## [Unreleased]

### Added

- Add user-info-fetcher to fetch user metadata from directory services ([#443]).

### Changed

- [BREAKING]: Remove legacy `nodeSelector` on rolegroups. Use the field `affinity.nodeAffinity` instead ([#433]).

[#433]: https://github.com/stackabletech/opa-operator/pull/433

## [23.11.0] - 2023-11-24

### Added
Expand Down