From 1f6208a6a3ea882d7d04b15e2c3da119b2287b92 Mon Sep 17 00:00:00 2001 From: chashikajw Date: Thu, 12 Oct 2023 12:31:27 +0530 Subject: [PATCH] Add scopes to the config ds --- .../config-deploy-api-route.yaml | 12 ++++++++ .../config-deploy-api-scope1.yaml | 29 +++++++++++++++++++ .../resources/artifact-deployer-api.yaml | 15 ++++++++++ 3 files changed, 56 insertions(+) create mode 100644 helm-charts/templates/data-plane/config-deployer/config-deploy-api-scope1.yaml diff --git a/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml index c3fb37b2d7..f30e10dd57 100644 --- a/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml +++ b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-route.yaml @@ -34,6 +34,12 @@ spec: - group: "dp.wso2.com" kind: "Backend" name: "{{ template "apk-helm.resource.prefix" . }}-config-deployer-ds-backend" + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-config-ds-scope-1 + type: ExtensionRef - matches: - path: type: "RegularExpression" @@ -43,6 +49,12 @@ spec: - group: "dp.wso2.com" kind: "Backend" name: "{{ template "apk-helm.resource.prefix" . }}-config-deployer-ds-backend" + filters: + - extensionRef: + group: dp.wso2.com + kind: Scope + name: {{ template "apk-helm.resource.prefix" . }}-config-ds-scope-1 + type: ExtensionRef parentRefs: - group: "gateway.networking.k8s.io" kind: "Gateway" diff --git a/helm-charts/templates/data-plane/config-deployer/config-deploy-api-scope1.yaml b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-scope1.yaml new file mode 100644 index 0000000000..1dbb69ce44 --- /dev/null +++ b/helm-charts/templates/data-plane/config-deployer/config-deploy-api-scope1.yaml @@ -0,0 +1,29 @@ + +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +{{- if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.configdeployer.enabled }} +apiVersion: dp.wso2.com/v1alpha1 +kind: Scope +metadata: + labels: + managed-by: "apk" + name: {{ template "apk-helm.resource.prefix" . }}-config-ds-scope-1 + namespace: {{ .Release.Namespace }} + uid: {{ template "apk-helm.resource.prefix" . }}-admin-ds-scope-1-uid +spec: + names: + - apk:apk_create +{{- end -}} diff --git a/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml b/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml index 28c5134a16..98cb22c3fb 100644 --- a/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml +++ b/runtime/config-deployer-service/ballerina/resources/artifact-deployer-api.yaml @@ -13,6 +13,9 @@ paths: tags: - APIs summary: Deploy API + security: + - OAuth2Security: + - apk:api_create description: | operationId: deployAPI requestBody: @@ -54,6 +57,9 @@ paths: tags: - APIs summary: Undeploy API + security: + - OAuth2Security: + - apk:api_create description: | operationId: undeployAPI parameters: @@ -132,3 +138,12 @@ components: schema: type: string default: application/json + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9095/oauth2/token + scopes: + openid: Authorize access to user details + apk:api_create: Deploy and Undeply APIs