From ad7f6fff52103ffa2d0c9bb498e65be2c77fe92c Mon Sep 17 00:00:00 2001 From: Guilherme Cassolato Date: Tue, 5 Sep 2023 10:59:02 +0200 Subject: [PATCH] Update Authorino manifests --- .../authorino.kuadrant.io_authconfigs.yaml | 34 +++++-------------- config/deploy/manifests.yaml | 34 +++++-------------- 2 files changed, 16 insertions(+), 52 deletions(-) diff --git a/bundle/manifests/authorino.kuadrant.io_authconfigs.yaml b/bundle/manifests/authorino.kuadrant.io_authconfigs.yaml index c0a04ac9..4eb86268 100644 --- a/bundle/manifests/authorino.kuadrant.io_authconfigs.yaml +++ b/bundle/manifests/authorino.kuadrant.io_authconfigs.yaml @@ -2251,6 +2251,8 @@ spec: description: The name of key used in the wrapped response (name of the HTTP header or property of the Envoy Dynamic Metadata JSON). If omitted, it will be set to the name of the configuration. + [DEPRECATED] Starting in v1beta2, use the name of the response + config instead. type: string wristband: properties: @@ -2686,8 +2688,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -2736,11 +2736,6 @@ spec: with the value of the "iss" (issuer) claim of the discovered OpenID Connect configuration. type: string - jwksUrl: - description: URL of the JSON Web Ket Set (JWKS) endpoint. - Use this if the issuer of the JWT tokens is not an OIDC - provider or does not implement OIDC Discovery. - type: string ttl: description: Decides how long to wait before refreshing the JWKS (in seconds). If omitted, Authorino will never @@ -3167,7 +3162,12 @@ spec: precompile) and at runtime. type: boolean externalPolicy: - description: External registry of OPA policies. + description: 'Settings for fetching the OPA policy from + an external registry. Use it alternatively to ''inlineRego''. + For the configurations of the HTTP request, the following + options are not implemented: ''method'', ''body'', ''bodyParameters'', + ''contentType'', ''headers'', ''oauth2''. Use it only + with: ''url'', ''sharedSecret'', ''credentials''.' properties: body: description: Raw body of the HTTP request. Supersedes @@ -3247,8 +3247,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -3280,10 +3278,6 @@ spec: type: object description: Custom headers in the HTTP request. type: object - insecure: - description: Insecure HTTP connection (i.e. disables - TLS verification) - type: boolean method: default: GET description: 'HTTP verb used in the request to the service. @@ -3742,8 +3736,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -3774,10 +3766,6 @@ spec: type: object description: Custom headers in the HTTP request. type: object - insecure: - description: Insecure HTTP connection (i.e. disables TLS - verification) - type: boolean method: default: GET description: 'HTTP verb used in the request to the service. @@ -4062,8 +4050,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -4094,10 +4080,6 @@ spec: type: object description: Custom headers in the HTTP request. type: object - insecure: - description: Insecure HTTP connection (i.e. disables TLS - verification) - type: boolean method: default: GET description: 'HTTP verb used in the request to the service. diff --git a/config/deploy/manifests.yaml b/config/deploy/manifests.yaml index 5e5690c0..17ce8230 100644 --- a/config/deploy/manifests.yaml +++ b/config/deploy/manifests.yaml @@ -2257,6 +2257,8 @@ spec: description: The name of key used in the wrapped response (name of the HTTP header or property of the Envoy Dynamic Metadata JSON). If omitted, it will be set to the name of the configuration. + [DEPRECATED] Starting in v1beta2, use the name of the response + config instead. type: string wristband: properties: @@ -2692,8 +2694,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -2742,11 +2742,6 @@ spec: with the value of the "iss" (issuer) claim of the discovered OpenID Connect configuration. type: string - jwksUrl: - description: URL of the JSON Web Ket Set (JWKS) endpoint. - Use this if the issuer of the JWT tokens is not an OIDC - provider or does not implement OIDC Discovery. - type: string ttl: description: Decides how long to wait before refreshing the JWKS (in seconds). If omitted, Authorino will never @@ -3173,7 +3168,12 @@ spec: precompile) and at runtime. type: boolean externalPolicy: - description: External registry of OPA policies. + description: 'Settings for fetching the OPA policy from + an external registry. Use it alternatively to ''inlineRego''. + For the configurations of the HTTP request, the following + options are not implemented: ''method'', ''body'', ''bodyParameters'', + ''contentType'', ''headers'', ''oauth2''. Use it only + with: ''url'', ''sharedSecret'', ''credentials''.' properties: body: description: Raw body of the HTTP request. Supersedes @@ -3253,8 +3253,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -3286,10 +3284,6 @@ spec: type: object description: Custom headers in the HTTP request. type: object - insecure: - description: Insecure HTTP connection (i.e. disables - TLS verification) - type: boolean method: default: GET description: 'HTTP verb used in the request to the service. @@ -3748,8 +3742,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -3780,10 +3772,6 @@ spec: type: object description: Custom headers in the HTTP request. type: object - insecure: - description: Insecure HTTP connection (i.e. disables TLS - verification) - type: boolean method: default: GET description: 'HTTP verb used in the request to the service. @@ -4068,8 +4056,6 @@ spec: properties: name: type: string - prefix: - type: string required: - name type: object @@ -4100,10 +4086,6 @@ spec: type: object description: Custom headers in the HTTP request. type: object - insecure: - description: Insecure HTTP connection (i.e. disables TLS - verification) - type: boolean method: default: GET description: 'HTTP verb used in the request to the service.