-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathcharmcraft.yaml
112 lines (101 loc) · 2.58 KB
/
charmcraft.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
# Copyright 2023 Canonical Ltd.
# See LICENSE file for licensing details.
name: oathkeeper
type: charm
title: Oathkeeper
description: |
Charmed Ory Oathkeeper
summary: |
Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests.
links:
documentation: https://discourse.charmhub.io/t/13972
source: https://github.com/canonical/oathkeeper-operator
issues: https://github.com/canonical/oathkeeper-operator/issues
website:
- https://discourse.charmhub.io/t/13972
assumes:
- juju >= 3.0.2
- k8s-api
containers:
oathkeeper:
resource: oci-image
resources:
oci-image:
type: oci-image
description: OCI image for oathkeeper container
upstream-source: ghcr.io/canonical/oathkeeper:0.40.6
provides:
auth-proxy:
interface: auth_proxy
forward-auth:
interface: forward_auth
oathkeeper-info:
interface: oathkeeper_info
description: |
Provides oathkeeper deployment info to a related application
metrics-endpoint:
interface: prometheus_scrape
description: |
Provides application metrics to COS Prometheus instance
grafana-dashboard:
description: |
Forwards the built-in grafana dashboard(s) for monitoring oathkeeper
interface: grafana_dashboard
requires:
kratos-info:
interface: kratos_info
limit: 1
ingress:
interface: ingress
certificates:
interface: tls-certificates
limit: 1
description: |
Send a CSR to- and obtain a signed certificate from an external CA.
logging:
interface: loki_push_api
limit: 1
tracing:
interface: tracing
limit: 1
description: |
Provides traces to COS Tempo instance
peers:
oathkeeper:
interface: oathkepeer_peers
config:
options:
dev:
description: |
Run Oathkeeper in dev mode. This option is needed if no internal ingress is configured and https is not set up.
This should only be used for development purposes.
type: boolean
default: False
actions:
list-rules:
description: List all access rules
params:
limit:
description: The maximum amount of returned access rules
type: integer
default: 20
minimum: 1
get-rule:
description: Get access rule content
params:
rule-id:
description: Access rule id
type: string
required: ["rule-id"]
base: [email protected]
platforms:
amd64:
parts:
charm:
charm-binary-python-packages:
- jsonschema
- cryptography
- pydantic
build-packages:
- libffi-dev
- libssl-dev