Skip to content

Commit

Permalink
Create default public key endpoint for radar-gateway
Browse files Browse the repository at this point in the history
Fixes a config error introduced by prior PR.
  • Loading branch information
pvannierop committed Oct 29, 2024
1 parent 2a3bf88 commit 61c0b74
Show file tree
Hide file tree
Showing 4 changed files with 18 additions and 4 deletions.
2 changes: 1 addition & 1 deletion charts/radar-gateway/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
appVersion: "0.7.2"
description: A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming participant data. It performs authentication, authorization, content validation and decompression. For more details of the configurations, see https://github.com/RADAR-base/RADAR-Gateway/blob/master/gateway.yml.
name: radar-gateway
version: 1.2.3
version: 1.2.4
icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png"
sources:
- https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-gateway
Expand Down
5 changes: 4 additions & 1 deletion charts/radar-gateway/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# radar-gateway
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-gateway)](https://artifacthub.io/packages/helm/radar-base/radar-gateway)

![Version: 1.2.3](https://img.shields.io/badge/Version-1.2.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.2](https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square)
![Version: 1.2.4](https://img.shields.io/badge/Version-1.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.2](https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square)

A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming participant data. It performs authentication, authorization, content validation and decompression. For more details of the configurations, see https://github.com/RADAR-base/RADAR-Gateway/blob/master/gateway.yml.

Expand Down Expand Up @@ -42,6 +42,7 @@ A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming partici
| service.type | string | `"ClusterIP"` | Kubernetes Service type |
| service.port | int | `8080` | radar-gateway port |
| disable_tls | bool | `false` | Reconfigure Ingress to not force TLS |
| advertised_protocol | string | `"https"` | The protocol in advertised URIs (https, http) |
| ingress.enabled | bool | `true` | Enable ingress controller resource |
| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and deny access to sensitive URLs |
| ingress.path | string | `"/kafka/?(.*)"` | Path within the url structure |
Expand Down Expand Up @@ -88,4 +89,6 @@ A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming partici
| cc.apiSecret | string | `"ccApiSecret"` | Confluent Cloud cluster API secret |
| cc.schemaRegistryApiKey | string | `"srApiKey"` | Confluent Cloud schema registry API key |
| cc.schemaRegistryApiSecret | string | `"srApiSecret"` | Confluent Cloud schema registry API secret |
| public_key_endpoints_enabled | bool | `false` | Enables config of public key endpoints for token verification This config option is implemented to fix a compatibility issue with radar-gateway. It can be removed when the publicKeyUrls config option is merged to master. |
| public_key_endpoints | list | `[]` | List of public key endpoints for token verification |
| serverName | string | `"localhost"` | Resolvable server name, needed to find the advertised URL and callback URL |
5 changes: 4 additions & 1 deletion charts/radar-gateway/templates/configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,10 @@ data:
auth:
managementPortalUrl: {{ .Values.managementportal_url }}
checkSourceId: {{ .Values.checkSourceId }}
{{- if .Values.public_key_endpoints_enabled }}
publicKeyUrls:
- {{ printf "%s://%s/managementportal/oauth/token_key" .Values.advertised_protocol .Values.serverName | quote }}
{{- end}}
{{- range .Values.public_key_endpoints }}
- {{ . | quote }}
{{ end -}}
{{ end -}}
10 changes: 9 additions & 1 deletion charts/radar-gateway/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ service:

# -- Reconfigure Ingress to not force TLS
disable_tls: false
# -- The protocol in advertised URIs (https, http)
advertised_protocol: https

ingress:
# -- Enable ingress controller resource
Expand Down Expand Up @@ -229,6 +231,12 @@ cc:
# -- Confluent Cloud schema registry API secret
schemaRegistryApiSecret: srApiSecret

# -- Enables config of public key endpoints for token verification
# This config option is implemented to fix a compatibility issue with radar-gateway.
# It can be removed when the publicKeyUrls config option is merged to master.
public_key_endpoints_enabled: false
# -- List of public key endpoints for token verification
public_key_endpoints: []
# - https://localhost/managementportal/oauth/token_key

# -- Resolvable server name, needed to find the advertised URL and callback URL
serverName: localhost

0 comments on commit 61c0b74

Please sign in to comment.