-
Story
-
Resolution: Unresolved
-
Major
-
None
-
None
Introduce the AuthController component within the RHOAI platform, designed to automate the management and application of authorization rules. This component will actively monitor for the creation of services labeled with security.opendathub.io/enable-auth: true and subsequently generate the required authorization resources required both for the Service Mesh and external authentication providers.
- AuthController detects services labeled with `security.opendathub.io/enable-auth: true`.
- On detection, it automatically creates or updates necessary authorization resources for Service Mesh and external auth providers.
- AuthController updates or creates the matching AuthRule CR, ensuring it includes the service's local hostname.
- AuthController transparently converts AuthRule to corresponding AuthConfig of Authrino component
- AuthController will reconcile Authorino's AuthConfig based on AuthRule being its desired state, so that it is not tampered by 3rd party
1.
|
Automate component resources authorization | In Progress | Aslak Knutsen | ||
2.
|
Fix linter | In Progress | Aslak Knutsen | ||
3.
|
Review tests | New | Unassigned | ||
4.
|
Add high-level arch to README | New | Unassigned |