Comments (7)
yes totally 👍
from api.
Also we need instructions about how to configure the tenants/RBAC in Openshift.
from api.
Configuring rbac in OpenShift doesn't change at all, but you mean how to configure the API to use the OpenShift authentication server for OIDC?
from api.
Yes
from api.
I'm assuming that the tenant/user configuration needs to be fully independent of the OpenShift installation that the application is sitting on top of since this is intended to be used for tenants/workloads external of the existing OpenShift deployment. Is that correct?
from api.
I feel like this issue should be moved to observatorium/deployments repository as well. It would be ideal that the documentation lives in a single location. Might even consider moving to a documentation repository and using asciidoc so that it's later easier to import into downstream documentation stream.
from api.
@leifmadsen This project is completely agnostic to OpenShift and even to Kubernetes; it knows nothing about any underlying scheduler or orchestration. The tenants file is simply a mapping of organization names to OIDC configurations. That said, a tenant can be configured to use the OpenShift authentication server as its identity provider.
This org actually already has a documentation repo, you can find it at github.com/observatorium/docs. The final output of this issue will be a document that lives in that repo. I prefer not to make a second issue for this to avoid duplication and spreading comments around where they will get lost.
from api.
Related Issues (20)
- tenant logout handler HOT 2
- Expose flag traces.read.endpoint in jsonnet HOT 2
- Trace Read tenancy architecture and implementation HOT 1
- What Claim Name in openid tokens is used for representing groups? HOT 3
- Add OpenAPI spec for logs HOT 1
- HTTP handler monitoring middleware isn't the topmost in the middleware stack HOT 2
- Start versioning API releases HOT 11
- Update oapi spec for better API documentation
- Consider adopting the Prometheus JSON format for error responses HOT 2
- oidcConfig: is ClientSecret used? HOT 2
- OIDC authenticator skips identity check if no username or group claim are present HOT 5
- Support Certificate Revocation Lists for mTLS Authentication
- Rules API spec has non-optional fields
- Optional endpoints for beta deployments HOT 3
- Logs Gateway corrupts query HOT 2
- Breaking change in rate limiting endpoint matching
- Make e2e tests arm64 friendly
- support reading configs from environment variables HOT 3
- Intorducing testify library for unit tests
- support otlp trace exporter
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api.