Skip to content

Commit 8d9a39f

Browse files
committed
Merge branch 'master' into bugfix/fix_secret_discovery
2 parents 693c92c + f777d4f commit 8d9a39f

File tree

94 files changed

+3636
-351
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

94 files changed

+3636
-351
lines changed

.golangci.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,8 @@ linters-settings:
8787
pkg: github.com/arangodb/kube-arangodb/integrations/storage/v2/shared/s3
8888
- alias: pbStorageV2
8989
pkg: github.com/arangodb/kube-arangodb/integrations/storage/v2/definition
90+
- alias: api
91+
pkg: github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1
9092
- alias: analyticsApi
9193
pkg: github.com/arangodb/kube-arangodb/pkg/apis/analytics/v1alpha1
9294
- alias: mlApiv1alpha1
@@ -97,6 +99,8 @@ linters-settings:
9799
pkg: github.com/arangodb/kube-arangodb/pkg/apis/networking/v1alpha1
98100
- alias: platformApi
99101
pkg: github.com/arangodb/kube-arangodb/pkg/apis/platform/v1alpha1
102+
- alias: platformAuthenticationApi
103+
pkg: github.com/arangodb/kube-arangodb/pkg/apis/platform/v1alpha1/authentication
100104
- alias: schedulerApiv1alpha1
101105
pkg: github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1alpha1
102106
- alias: schedulerContainerApiv1alpha1

CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,14 @@
77
- (Feature) Ensure Group Service Type
88
- (Maintenance) Fix Helm & JWT CVE's
99
- (Feature) (Platform) Improve CLI Values
10+
- (Feature) (Platform) Envoy Cache Introduction
11+
- (Feature) (Platform) OpenID Integration - API Extension
12+
- (Feature) Windows Platform CLI
13+
- (Feature) (Platform) Auth User Creation
14+
- (Maintenance) Add Common Api Import
15+
- (Feature) Previous Pod Logs in DebugPackage
16+
- (Feature) (Platform) Login & Logout Endpoints
17+
- (Feature) (Platform) OpenID Integration
1018
- (Bugfix) Align JWT Discovery
1119

1220
## [1.2.48](https://github.com/arangodb/kube-arangodb/tree/1.2.48) (2025-05-08)

Makefile

Lines changed: 54 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -248,39 +248,78 @@ BIN_PLATFORM_NAME := $(PROJECT)_platform
248248
BIN_PLATFORM := $(BINDIR)/$(BIN_PLATFORM_NAME)
249249

250250
define binary
251+
$(eval $(call binary_operator,$1,$2,$3))
252+
$(eval $(call binary_ops,$1,$2,$3))
253+
$(eval $(call binary_int,$1,$2,$3))
254+
$(eval $(call binary_platform,$1,$2,$3))
255+
endef
256+
257+
define binary_operator
251258
$(eval _OS:=$(call UPPER_ENV,$1))
252259
$(eval _ARCH:=$(call UPPER_ENV,$2))
253-
VBIN_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BINNAME)
254-
VBIN_OPS_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_OPS_NAME)
255-
VBIN_INT_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_INT_NAME)
256-
VBIN_PLATFORM_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_PLATFORM_NAME)
257260

258-
$$(VBIN_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION
261+
VBIN_OPERATOR_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BINNAME)$3
262+
263+
.PHONY: $$(VBIN_OPERATOR_$(_OS)_$(_ARCH))
264+
265+
$$(VBIN_OPERATOR_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION
259266
@mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2
260267
CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main
261268

262-
$$(VBIN_OPS_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION
263-
@mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2
264-
CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main-ops
269+
bin-all: $$(VBIN_OPERATOR_$(_OS)_$(_ARCH))
270+
endef
271+
272+
define binary_int
273+
$(eval _OS:=$(call UPPER_ENV,$1))
274+
$(eval _ARCH:=$(call UPPER_ENV,$2))
275+
276+
VBIN_INT_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_INT_NAME)$3
277+
278+
.PHONY: $$(VBIN_INT_$(_OS)_$(_ARCH))
265279

266280
$$(VBIN_INT_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION
267281
@mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2
268282
CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main-int
269283

284+
bin-all: $$(VBIN_INT_$(_OS)_$(_ARCH))
285+
endef
286+
287+
define binary_ops
288+
$(eval _OS:=$(call UPPER_ENV,$1))
289+
$(eval _ARCH:=$(call UPPER_ENV,$2))
290+
291+
VBIN_OPS_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_OPS_NAME)$3
292+
293+
.PHONY: $$(VBIN_OPS_$(_OS)_$(_ARCH))
294+
295+
$$(VBIN_OPS_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION
296+
@mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2
297+
CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main-ops
298+
299+
bin-all: $$(VBIN_OPS_$(_OS)_$(_ARCH))
300+
endef
301+
302+
define binary_platform
303+
$(eval _OS:=$(call UPPER_ENV,$1))
304+
$(eval _ARCH:=$(call UPPER_ENV,$2))
305+
306+
VBIN_PLATFORM_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_PLATFORM_NAME)$3
307+
270308
.PHONY: $$(VBIN_PLATFORM_$(_OS)_$(_ARCH))
271309

272310
$$(VBIN_PLATFORM_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION
273311
@mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2
274312
CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main-platform
275313

276-
bin-all: $$(VBIN_$(_OS)_$(_ARCH)) $$(VBIN_OPS_$(_OS)_$(_ARCH)) $$(VBIN_INT_$(_OS)_$(_ARCH)) $$(VBIN_PLATFORM_$(_OS)_$(_ARCH))
277-
314+
bin-all: $$(VBIN_PLATFORM_$(_OS)_$(_ARCH))
278315
endef
279316

280317
$(eval $(call binary,linux,amd64))
281318
$(eval $(call binary,linux,arm64))
282319
$(eval $(call binary,darwin,amd64))
283320
$(eval $(call binary,darwin,arm64))
321+
$(eval $(call binary_platform,windows,amd64,.exe))
322+
$(eval $(call binary_platform,windows,arm64,.exe))
284323

285324
ifdef VERBOSE
286325
TESTVERBOSEOPTIONS := -v
@@ -405,7 +444,7 @@ endif
405444

406445
.PHONY: clean
407446
clean:
408-
rm -Rf $(BIN) $(BINDIR) $(DASHBOARDDIR)/build $(DASHBOARDDIR)/node_modules $(VBIN_LINUX_AMD64) $(VBIN_LINUX_ARM64) $(VBIN_OPS_LINUX_AMD64) $(VBIN_OPS_LINUX_ARM64) $(VBIN_OPS_DARWIN_AMD64) $(VBIN_OPS_DARWIN_ARM64) $(VBIN_OPS_WIN_AMD64)
447+
rm -Rf $(BIN) $(BINDIR) $(DASHBOARDDIR)/build $(DASHBOARDDIR)/node_modules $(VBIN_OPERATOR_LINUX_AMD64) $(VBIN_OPERATOR_LINUX_ARM64) $(VBIN_OPS_LINUX_AMD64) $(VBIN_OPS_LINUX_ARM64) $(VBIN_OPS_DARWIN_AMD64) $(VBIN_OPS_DARWIN_ARM64) $(VBIN_OPS_WIN_AMD64)
409448

410449
.PHONY: check-vars
411450
check-vars:
@@ -474,12 +513,12 @@ dashboard/assets.go:
474513
.PHONY: bin
475514
bin: $(BIN)
476515

477-
$(BIN): $(VBIN_LINUX_AMD64) $(VBIN_OPS_LINUX_AMD64) $(VBIN_INT_LINUX_AMD64) $(VBIN_PLATFORM_LINUX_AMD64)
478-
@cp "$(VBIN_LINUX_AMD64)" "$(BIN)"
516+
$(BIN): $(VBIN_OPERATOR_LINUX_AMD64) $(VBIN_OPS_LINUX_AMD64) $(VBIN_INT_LINUX_AMD64) $(VBIN_PLATFORM_LINUX_AMD64)
517+
@cp "$(VBIN_OPERATOR_LINUX_AMD64)" "$(BIN)"
479518
@cp "$(VBIN_OPS_LINUX_AMD64)" "$(BIN_OPS)"
480519

481520
.PHONY: docker
482-
docker: clean check-vars $(VBIN_LINUX_AMD64) $(VBIN_LINUX_ARM64)
521+
docker: clean check-vars $(VBIN_OPERATOR_LINUX_AMD64) $(VBIN_OPERATOR_LINUX_ARM64)
483522
ifdef PUSHIMAGES
484523
docker buildx build --no-cache -f $(DOCKERFILE) --build-arg "ENVOY_IMAGE=$(ENVOY_IMAGE)" --build-arg GOVERSION=$(GOVERSION) --build-arg DISTRIBUTION=$(DISTRIBUTION) \
485524
--build-arg "VERSION=${VERSION_MAJOR_MINOR_PATCH}" --build-arg "RELEASE_MODE=$(RELEASE_MODE)" --build-arg "BUILD_SKIP_UPDATE=${BUILD_SKIP_UPDATE}" \
@@ -491,7 +530,7 @@ else
491530
endif
492531

493532
.PHONY: docker-ubi
494-
docker-ubi: check-vars $(VBIN_LINUX_AMD64)
533+
docker-ubi: check-vars $(VBIN_OPERATOR_LINUX_AMD64)
495534
ifdef PUSHIMAGES
496535
docker buildx build --no-cache -f "$(DOCKERFILE).ubi" --build-arg "ENVOY_IMAGE=$(ENVOY_IMAGE)" --build-arg GOVERSION=$(GOVERSION) --build-arg DISTRIBUTION=$(DISTRIBUTION) \
497536
--build-arg "VERSION=${VERSION_MAJOR_MINOR_PATCH}" --build-arg "RELEASE_MODE=$(RELEASE_MODE)" \

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -201,7 +201,7 @@ Flags:
201201
--kubernetes.max-batch-size int Size of batch during objects read (default 256)
202202
--kubernetes.qps float32 Number of queries per second for k8s API (default 32)
203203
--log.format string Set log format. Allowed values: 'pretty', 'JSON'. If empty, default format is used (default "pretty")
204-
--log.level stringArray Set log levels in format <level> or <logger>=<level>. Possible loggers: action, agency, api-server, assertion, backup-operator, chaos-monkey, crd, deployment, deployment-ci, deployment-reconcile, deployment-replication, deployment-resilience, deployment-resources, deployment-storage, deployment-storage-pc, deployment-storage-service, generic-parent-operator, helm, http, inspector, integration-authn-v1, integration-config-v1, integration-envoy-auth-v3, integration-envoy-auth-v3-impl-auth-bearer, integration-envoy-auth-v3-impl-auth-cookie, integration-envoy-auth-v3-impl-pass-mode, integration-scheduler-v2, integration-storage-v1-s3, integration-storage-v2, integrations, k8s-client, kubernetes, kubernetes-access, kubernetes-client, kubernetes-informer, monitor, networking-route-operator, operator, operator-arangojob-handler, operator-v2, operator-v2-event, operator-v2-worker, panics, platform-chart-operator, platform-pod-shutdown, platform-storage-operator, pod_compare, root, root-event-recorder, scheduler-batchjob-operator, scheduler-cronjob-operator, scheduler-deployment-operator, scheduler-pod-operator, scheduler-profile-operator, server, server-authentication, webhook (default [info])
204+
--log.level stringArray Set log levels in format <level> or <logger>=<level>. Possible loggers: action, agency, api-server, assertion, backup-operator, chaos-monkey, crd, deployment, deployment-ci, deployment-reconcile, deployment-replication, deployment-resilience, deployment-resources, deployment-storage, deployment-storage-pc, deployment-storage-service, generic-parent-operator, helm, http, inspector, integration-authn-v1, integration-config-v1, integration-envoy-auth-v3, integration-envoy-auth-v3-impl-auth-bearer, integration-envoy-auth-v3-impl-auth-cookie, integration-envoy-auth-v3-impl-custom-openid, integration-envoy-auth-v3-impl-pass-mode, integration-scheduler-v2, integration-storage-v1-s3, integration-storage-v2, integrations, k8s-client, kubernetes, kubernetes-access, kubernetes-client, kubernetes-informer, monitor, networking-route-operator, operator, operator-arangojob-handler, operator-v2, operator-v2-event, operator-v2-worker, panics, platform-chart-operator, platform-pod-shutdown, platform-storage-operator, pod_compare, root, root-event-recorder, scheduler-batchjob-operator, scheduler-cronjob-operator, scheduler-deployment-operator, scheduler-pod-operator, scheduler-profile-operator, server, server-authentication, webhook (default [info])
205205
--log.sampling If true, operator will try to minimize duplication of logging events (default true)
206206
--log.stdout If true, operator will log to the stdout (default true)
207207
--memory-limit uint Define memory limit for hard shutdown and the dump of goroutines. Used for testing

cmd/lifecycle_wait.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
//
22
// DISCLAIMER
33
//
4-
// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany
4+
// Copyright 2016-2025 ArangoDB GmbH, Cologne, Germany
55
//
66
// Licensed under the Apache License, Version 2.0 (the "License");
77
// you may not use this file except in compliance with the License.
@@ -28,7 +28,7 @@ import (
2828

2929
"github.com/spf13/cobra"
3030

31-
v1 "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
31+
api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
3232
"github.com/arangodb/kube-arangodb/pkg/util"
3333
"github.com/arangodb/kube-arangodb/pkg/util/constants"
3434
)
@@ -82,7 +82,7 @@ func cmdLifecycleWaitCheck(cmd *cobra.Command, _ []string) {
8282
}
8383

8484
if isUpToDate {
85-
logger.Info(fmt.Sprintf("ArangoDeployment: %s is %s", d.Name, v1.ConditionTypeUpToDate))
85+
logger.Info(fmt.Sprintf("ArangoDeployment: %s is %s", d.Name, api.ConditionTypeUpToDate))
8686
return
8787
}
8888

@@ -93,7 +93,7 @@ func cmdLifecycleWaitCheck(cmd *cobra.Command, _ []string) {
9393
logger.Info("ArangoDeployment: %s is not ready yet. Waiting...", d.Name)
9494
continue
9595
case <-time.After(watchTimeout):
96-
logger.Error("ArangoDeployment: %s is not %s yet - operation timed out!", d.Name, v1.ConditionTypeUpToDate)
96+
logger.Error("ArangoDeployment: %s is not %s yet - operation timed out!", d.Name, api.ConditionTypeUpToDate)
9797
return
9898
}
9999
}

docs/api/ArangoDeployment.V1.md

Lines changed: 55 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3137,6 +3137,49 @@ Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.
31373137

31383138
***
31393139

3140+
### .spec.gateway.authentication.secret.checksum
3141+
3142+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/shared/v1/object.go#L61)</sup>
3143+
3144+
UID keeps the information about object Checksum
3145+
3146+
***
3147+
3148+
### .spec.gateway.authentication.secret.name
3149+
3150+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/shared/v1/object.go#L52)</sup>
3151+
3152+
Name of the object
3153+
3154+
***
3155+
3156+
### .spec.gateway.authentication.secret.namespace
3157+
3158+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/shared/v1/object.go#L55)</sup>
3159+
3160+
Namespace of the object. Should default to the namespace of the parent object
3161+
3162+
***
3163+
3164+
### .spec.gateway.authentication.secret.uid
3165+
3166+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/shared/v1/object.go#L58)</sup>
3167+
3168+
UID keeps the information about object UID
3169+
3170+
***
3171+
3172+
### .spec.gateway.authentication.type
3173+
3174+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/deployment/v1/deployment_spec_gateway_authentication.go#L51)</sup>
3175+
3176+
Type defines the Authentication Type
3177+
3178+
Possible Values:
3179+
* `"OpenID"` (default) - Configure OpenID Authentication Type
3180+
3181+
***
3182+
31403183
### .spec.gateway.cookiesSupport
31413184

31423185
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/deployment/v1/deployment_spec_gateway.go#L49)</sup>
@@ -3147,10 +3190,20 @@ Default Value: `true`
31473190

31483191
***
31493192

3150-
### .spec.gateway.defaultTargetAuthentication
3193+
### .spec.gateway.createUsers
31513194

31523195
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/deployment/v1/deployment_spec_gateway.go#L53)</sup>
31533196

3197+
CreateUsers defines if authenticated users will be created in ArangoDB
3198+
3199+
Default Value: `false`
3200+
3201+
***
3202+
3203+
### .spec.gateway.defaultTargetAuthentication
3204+
3205+
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/deployment/v1/deployment_spec_gateway.go#L57)</sup>
3206+
31543207
DefaultTargetAuthentication defines if default endpoints check authentication via envoy (Cookie and Header based auth)
31553208

31563209
Default Value: `true`
@@ -3190,7 +3243,7 @@ By default, the image is determined by the operator.
31903243

31913244
### .spec.gateway.timeout
31923245

3193-
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/deployment/v1/deployment_spec_gateway.go#L58)</sup>
3246+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/deployment/v1/deployment_spec_gateway.go#L62)</sup>
31943247

31953248
Timeout defines default timeout for the upstream actions (if not overridden)
31963249

Lines changed: 99 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,99 @@
1+
---
2+
layout: page
3+
parent: CRD reference
4+
title: ArangoPlatform V1Alpha1 Authentication OpenID
5+
---
6+
7+
# API Reference for ArangoPlatform V1Alpha1 Authentication OpenID
8+
9+
##
10+
11+
### .client.id
12+
13+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L223)</sup>
14+
15+
ID defines OpenID Client ID
16+
17+
***
18+
19+
### .client.secret
20+
21+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L226)</sup>
22+
23+
Secret defines OpenID Client Secret
24+
25+
***
26+
27+
### .disabledPaths
28+
29+
Type: `array` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L67)</sup>
30+
31+
DisabledPaths keeps the list of SSO disabled paths. By default, "_logout" endpoint is passed through
32+
33+
***
34+
35+
### .endpoint
36+
37+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L61)</sup>
38+
39+
Endpoint defines the OpenID callback Endpoint
40+
41+
***
42+
43+
### .http.insecure
44+
45+
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L179)</sup>
46+
47+
Insecure defines if insecure HTTP Client is used
48+
49+
Default Value: `false`
50+
51+
***
52+
53+
### .provider..authorizationEndpoint
54+
55+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L210)</sup>
56+
57+
AuthorizationEndpoint defines OpenID Authorization Endpoint
58+
59+
Links:
60+
* [Documentation](https://www.ibm.com/docs/en/was-liberty/base?topic=connect-openid-endpoint-urls#rwlp_oidc_endpoint_urls__auth_endpoint__title__1)
61+
62+
***
63+
64+
### .provider..tokenEndpoint
65+
66+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L214)</sup>
67+
68+
TokenEndpoint defines OpenID Token Endpoint
69+
70+
Links:
71+
* [Documentation](https://www.ibm.com/docs/en/was-liberty/base?topic=connect-openid-endpoint-urls#rwlp_oidc_endpoint_urls__token_endpoint__title__1)
72+
73+
***
74+
75+
### .provider..userInfoEndpoint
76+
77+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L218)</sup>
78+
79+
UserInfoEndpoint defines OpenID UserInfo Endpoint
80+
81+
Links:
82+
* [Documentation](https://www.ibm.com/docs/en/was-liberty/base?topic=connect-openid-endpoint-urls#rwlp_oidc_endpoint_urls__userinfo_endpoint__title__1)
83+
84+
***
85+
86+
### .provider.issuer
87+
88+
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L204)</sup>
89+
90+
Issuer defines OpenID Issuer
91+
92+
***
93+
94+
### .scope
95+
96+
Type: `array` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.48/pkg/apis/platform/v1alpha1/authentication/openid.go#L64)</sup>
97+
98+
Scope defines OpenID Scopes (OpenID is added by default).
99+

0 commit comments

Comments
 (0)