You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Make Stratos usable against a Korifi backend — register a Korifi endpoint, authenticate, and drive the core Applications / Orgs / Spaces / Services flows.
Korifi reimplements the Cloud Foundry API on Kubernetes. It exposes the CF v3 API (a subset) and uses a Kubernetes-native auth model rather than UAA, so the gaps from a classic CF deployment are mostly around endpoint discovery and authentication.
Known areas to address
Endpoint discovery without v2. Korifi does not serve the legacy /v2/info. Stratos has historically leaned on it for auth/UAA/version discovery. This overlaps with the v2-death work in Imminent cloudfoundry v2 api death and impact #5047 (and the precedent in Log Streaming does not work with the cf-for-k8s project. #4832, cf-for-k8s) — confirm registration sources auth/token/version endpoints from the v3 root (/) links and works against Korifi specifically.
Authentication. Korifi authenticates with Kubernetes credentials (OIDC / short-lived tokens) instead of UAA username+password against a UAA token endpoint. Determine what Stratos's login + token-refresh flow needs to support this, and whether it fits the existing endpoint/auth abstraction or needs a new auth provider.
API surface coverage. Korifi implements a subset of CF v3. Identify which Stratos features map cleanly, which degrade, and which should be hidden/disabled when the endpoint is Korifi (capability-gated rather than erroring).
Open questions
Minimum Korifi version to target.
Whether this is one auth provider or a broader "CF flavor" capability model.
How to detect a Korifi endpoint (vs classic CF) at registration time.
Verification
Stand up a Korifi instance, register it in Stratos, log in, and exercise Applications / Orgs / Spaces / Services end to end — recording which flows work, degrade, or fail.
Goal
Make Stratos usable against a Korifi backend — register a Korifi endpoint, authenticate, and drive the core Applications / Orgs / Spaces / Services flows.
Korifi reimplements the Cloud Foundry API on Kubernetes. It exposes the CF v3 API (a subset) and uses a Kubernetes-native auth model rather than UAA, so the gaps from a classic CF deployment are mostly around endpoint discovery and authentication.
Known areas to address
/v2/info. Stratos has historically leaned on it for auth/UAA/version discovery. This overlaps with the v2-death work in Imminent cloudfoundry v2 api death and impact #5047 (and the precedent in Log Streaming does not work with the cf-for-k8s project. #4832, cf-for-k8s) — confirm registration sources auth/token/version endpoints from the v3 root (/) links and works against Korifi specifically.Open questions
Verification
Stand up a Korifi instance, register it in Stratos, log in, and exercise Applications / Orgs / Spaces / Services end to end — recording which flows work, degrade, or fail.
Related