Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable oauth on hub api as well #5

Merged
merged 1 commit into from
Oct 30, 2024
Merged

Conversation

cedricve
Copy link
Member

@cedricve cedricve commented Oct 30, 2024

Pull Request Description

Title: Enable OAuth on Hub API as well

Motivation and Context:

This pull request introduces OAuth2 proxy support to the Hub API and Hub Frontend Demo services. By enabling OAuth2 proxy, we enhance the security of our services by enforcing authentication and ensuring that only authorized users can access them.

Changes:

  1. Chart Version Increment:

    • Updated the chart version from 0.61.0 to 0.62.0 in charts/hub/Chart.yaml to reflect the new changes and maintain semantic versioning.
  2. Hub API Ingress Annotations:

    • Added conditional annotations for OAuth2 proxy support in charts/hub/templates/kerberos-hub/hub-api.yaml.
    • When kerberoshub.oauth2Proxy.enabled is set to true, the following annotations are added:
      • nginx.ingress.kubernetes.io/auth-url: Points to the OAuth2 authentication URL.
      • nginx.ingress.kubernetes.io/auth-signin: Redirects to the OAuth2 sign-in URL.
  3. Hub Frontend Demo Ingress Annotations:

    • Added similar conditional annotations for OAuth2 proxy support in charts/hub/templates/kerberos-hub/hub-frontend-demo.yaml.
    • These annotations ensure that the frontend demo also requires OAuth2 authentication.

Benefits:

  • Enhanced Security: By integrating OAuth2 proxy, we add an additional layer of security, ensuring that only authenticated users can access the Hub API and Frontend Demo.
  • Consistency: Both the Hub API and Frontend Demo now have consistent authentication mechanisms, improving the overall security posture of our project.

By making these changes, we ensure that our services are more secure and aligned with best practices for authentication and authorization.

@cedricve cedricve self-assigned this Oct 30, 2024
@cedricve cedricve merged commit 4da81e1 into main Oct 30, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant