Uploaded image for project: 'Red Hat OpenShift AI Engineering'
  1. Red Hat OpenShift AI Engineering
  2. RHOAIENG-3748

Introduce AuthController Component for Handling Authorization Rules

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • RHOAISTRAT-41 - Support SSO for all RHOAI components
    • No
    • No
    • Testable

      Introduce the AuthController component within the RHOAI platform, designed to automate the management and application of authorization rules. This component will actively monitor for the creation of services labeled with security.opendathub.io/enable-auth: true and subsequently generate the required authorization resources required both for the Service Mesh and external authentication providers.

      • AuthController detects services labeled with `security.opendathub.io/enable-auth: true`.
      • On detection, it automatically creates or updates necessary authorization resources for Service Mesh and external auth providers.
        • AuthController updates or creates the matching AuthRule CR, ensuring it includes the service's local hostname.
        • AuthController transparently converts AuthRule to corresponding AuthConfig of Authrino component
      • AuthController will reconcile Authorino's AuthConfig based on AuthRule being its desired state, so that it is not tampered by 3rd party

        1.
        		 Automate component resources authorization Sub-task In Progress Undefined Aslak Knutsen
        2.
        		 Fix linter Sub-task In Progress Undefined Aslak Knutsen
        3.
        		 Review tests Sub-task New Undefined Unassigned
        4.
        		 Add high-level arch to README Sub-task New Undefined Unassigned

            Unassigned Unassigned
            bartosz-1 Bartosz Majsak
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: