Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update docu for 2.9.1 #393

Merged
merged 1 commit into from
Dec 2, 2023
Merged

Update docu for 2.9.1 #393

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ Please remember to provide a good summary, description as well as steps to repro

To run Gatekeeper, you can build it using `static` target in Makefile (`make static`) or you can use the Docker image by running:

docker run -it --rm quay.io/gogatekeeper/gatekeeper:2.9.0 \
docker run -it --rm quay.io/gogatekeeper/gatekeeper:2.9.1 \
--listen 127.0.0.1:8080 \
--upstream-url http://127.0.0.1:80 \
--discovery-url https://keycloak.example.com/realms/<REALM_NAME> \
Expand All @@ -36,16 +36,16 @@ Beside links to archives of binaries we provide also checksum file containing ch
for archives. You can download file gatekeeper-checksum.txt, it contains sha512 checksums e.g.:

```
324b34ece86b6214f835ba9fd79e185864a9005f514458796c22c053de63f428235d2d2a04864065a49c090ad81d2daeb45546544fdd9531a8dea1a43145b8f0 gatekeeper_2.9.0_windows_amd64.zip
38759e75a94d130758cd26958bd9a66b261be8d58a6c7a0fc04845157649aaf628d22a115c95285b405f8e4d6afa8bd78ca8677d1304faf06db93a0cbbc831a6 gatekeeper_2.9.0_linux_amd64.tar.gz
f5322e41b3d78017191246bdd54f99e9b3dd8d5ff9d224e7e81b678a952c1d5aae125ea4c251928969b0a0ea0dc59724308c918993c8227f384f61896f58cbd0 gatekeeper_2.9.0_macOS_amd64.tar.gz
324b34ece86b6214f835ba9fd79e185864a9005f514458796c22c053de63f428235d2d2a04864065a49c090ad81d2daeb45546544fdd9531a8dea1a43145b8f0 gatekeeper_2.9.1_windows_amd64.zip
38759e75a94d130758cd26958bd9a66b261be8d58a6c7a0fc04845157649aaf628d22a115c95285b405f8e4d6afa8bd78ca8677d1304faf06db93a0cbbc831a6 gatekeeper_2.9.1_linux_amd64.tar.gz
f5322e41b3d78017191246bdd54f99e9b3dd8d5ff9d224e7e81b678a952c1d5aae125ea4c251928969b0a0ea0dc59724308c918993c8227f384f61896f58cbd0 gatekeeper_2.9.1_macOS_amd64.tar.gz
```

After you download archive of binary you can calculate it's checksum by using e.g. sha512sum Linux utility:

```
sha512sum /my/path/gatekeeper_2.9.0_linux_amd64.tar.gz
38759e75a94d130758cd26958bd9a66b261be8d58a6c7a0fc04845157649aaf628d22a115c95285b405f8e4d6afa8bd78ca8677d1304faf06db93a0cbbc831a6 gatekeeper_2.9.0_linux_amd64.tar.g
sha512sum /my/path/gatekeeper_2.9.1_linux_amd64.tar.gz
38759e75a94d130758cd26958bd9a66b261be8d58a6c7a0fc04845157649aaf628d22a115c95285b405f8e4d6afa8bd78ca8677d1304faf06db93a0cbbc831a6 gatekeeper_2.9.1_linux_amd64.tar.g
```

As you can see output of command is checksum, you can compare it with the one in gatekeeper-checksum.txt.
Expand Down
8 changes: 6 additions & 2 deletions docs/content/userguide/_index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -405,7 +405,7 @@ in Keycloak, providing granular role controls over issue tokens.

``` yaml
- name: gatekeeper
image: quay.io/gogatekeeper/gatekeeper:2.9.0
image: quay.io/gogatekeeper/gatekeeper:2.9.1
args:
- --enable-forwarding=true
- --forwarding-username=projecta
Expand All @@ -432,7 +432,7 @@ Example setup client credentials grant:

``` yaml
- name: gatekeeper
image: quay.io/gogatekeeper/gatekeeper:2.9.0
image: quay.io/gogatekeeper/gatekeeper:2.9.1
args:
- --enable-forwarding=true
- --forwarding-domains=projecta.svc.cluster.local
Expand Down Expand Up @@ -745,6 +745,10 @@ traefik forward-auth configuration when you WANT to redirect user to authenticat
server by gatekeeper (useful for e.g. frontend application authentication). Please be
aware that in this mode you need to forward headers X-Forwarded-Host, X-Forwarded-Uri, X-Forwarded-Proto, from
front proxy to gatekeeper. You can find more complete example [here](https://github.com/gogatekeeper/gatekeeper/blob/master/e2e/k8s/manifest_test_forwardauth.yml).

*NOTE*: Please very important is to forward `prefix` (means all paths with prefix) ```/oauth```
directly to gatekeeper service as you can see in manifest, otherwise you will see redirect loop.

*IMPORTANT*: Please ensure that you are receiving headers only from trusted proxy
and gatekeeper is not exposed directly to internet, otherwise attacker might misuse this!

Expand Down
2 changes: 1 addition & 1 deletion e2e/k8s/manifest_test_forwardauth.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2626,7 +2626,7 @@ spec:
- -c
- "while true;do sleep 10;done"
- name: proxy
image: quay.io/gogatekeeper/gatekeeper:2.9.0
image: quay.io/gogatekeeper/gatekeeper:2.9.1
imagePullPolicy: Never
args:
- --client-id=test-client
Expand Down
2 changes: 1 addition & 1 deletion kube/reverse.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ spec:
secretName: tls
containers:
- name: proxy
image: quay.io/gogatekeeper/gatekeeper:2.9.0
image: quay.io/gogatekeeper/gatekeeper:2.9.1
imagePullPolicy: Always
args:
- --client-id=broker
Expand Down
Loading