Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix some inconsistencies in jwt docs #18234

Merged
merged 4 commits into from
Jul 24, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ The following list outlines field hierarchy, language-specific data types, and r
<Tab heading="YAML" group="yaml">

- [`apiVersion`](#apiversion): string | required | must be set to `consul.hashicorp.com/v1alpha1`
- [`kind`](#kind): string | required | must be set to `jwtProvider`
- [`kind`](#kind): string | required | must be set to `JWTProvider`
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

- [`metadata`](#metadata): map | required
- [`name`](#metadata-name): string | required
- [`namespace`](#metadata-namespace): string
Expand Down Expand Up @@ -289,8 +289,8 @@ CacheConfig = {

```yaml
apiVersion: consul.hashicorp.com/v1alpha1 # required
kind: jwtProvider # required
metadata: # required
kind: JWTProvider # required
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

metadata: # required
name: <name-of-provider-configuration-entry> # required
namespace: <namespace>
spec: # required
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,20 +62,20 @@ The following outline shows how to format the service intentions configuration e
<Tab heading= "YAML" group="yaml">

- [`apiVersion`](#apiversion): string | must be set to `consul.hashicorp.com/v1alpha1`
- [`kind`](#kind): string | must be set to `ServiceIntentions`
- [`metadata`](#metadata): map | required
- [`name`](#metadata-name): string | required
- [`kind`](#kind): string | must be set to `ServiceIntentions`
- [`metadata`](#metadata): map | required
- [`name`](#metadata-name): string | required
- [`namespace`](#metadata-namespace): string | `default` | <EnterpriseAlert inline/>
- [`spec`](#spec): map | no default
- [`spec`](#spec): map | no default
- [`destination`](#spec-destination): map | no default
- [`name`](#spec-destination-name): string | required
- [`namespace`](#metadata-namespace): string | `default` | <EnterpriseAlert inline/>
- [`jwt`](#spec-jwt): map
- [`providers`](#spec-jwt-providers): list of maps
- [`name`](#spec-jwt-providers-name): string
- [`verifyClaims`](#spec-jwt-provider-verifyclaims): list of maps
- [`path`](#spec-jwt-provider-verifyclaims-path): list of strings
- [`value`](#spec-jwt-provider-verifyclaims-value): string
- [`jwt`](#spec-jwt): map
- [`providers`](#spec-jwt-providers): list of maps
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be nested under the jwt key

- [`name`](#spec-jwt-providers-name): string
- [`verifyClaims`](#spec-jwt-provider-verifyclaims): list of maps
- [`path`](#spec-jwt-provider-verifyclaims-path): list of strings
- [`value`](#spec-jwt-provider-verifyclaims-value): string
- [`sources`](#spec-sources): list | no default
- [`name`](#spec-sources-name): string | no default
- [`peer`](#spec-sources-peer): string | no default
Expand All @@ -86,20 +86,19 @@ The following outline shows how to format the service intentions configuration e
- [`permissions`](#spec-sources-permissions): list | no default
- [`action`](#spec-sources-permissions-action): string | no default | required
- [`http`](#spec-sources-permissions-http): map | required
- [`pathExact`](#spec-sources-permissions-http): string | no default
- [`pathPrefix`](#spec-sources-permissions-http): string | no default
- [`pathRegex`](#spec-sources-permissions-http): string | no default
- [`methods`](#spec-sources-permissions-http): list | no default
- [`header`](#spec-sources-permissions-http-header): list of maps |no default
- [`pathExact`](#spec-sources-permissions-http): string | no default
- [`pathPrefix`](#spec-sources-permissions-http): string | no default
- [`pathRegex`](#spec-sources-permissions-http): string | no default
- [`methods`](#spec-sources-permissions-http): list | no default
- [`header`](#spec-sources-permissions-http-header): list of maps |no default
- [`name`](#spec-sources-permissions-http-header): string | required
- [`present`](#spec-sources-permissions-http-header): boolean | `false`
- [`present`](#spec-sources-permissions-http-header): boolean | `false`
- [`exact`](#spec-sources-permissions-http-header): string | no default
- [`prefix`](#spec-sources-permissions-http-header): string | no default
- [`suffix`](#spec-sources-permissions-http-header): string | no default
- [`regex`](#spec-sources-permissions-http-header): string | no default
- [`invert`](#spec-sources-permissions-http-header): boolean | `false`
- [`type`](#spec-sources-type): string | `consul`
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

type isn't actually required when deploying on k8s, I got errors saying this field is unknown:

Error from server (BadRequest): error when creating "./consul/jwt-intention.yaml": ServiceIntentions in version "v1alpha1" cannot be handled as a ServiceIntentions: strict decoding error: unknown field "type"

- [`description`](#spec-sources-description): string
- [`invert`](#spec-sources-permissions-http-header): boolean | `false`
- [`description`](#spec-sources-description): string

</Tab>
</Tabs>
Expand Down Expand Up @@ -195,15 +194,14 @@ Sources = [

```yaml
apiVersion: consul.hashicorp.com/v1alpha1
kind: service-intentions
kind: ServiceIntentions
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

metadata:
name: <name of destination service>
namespace: <destination namespace>
spec:
destination:
destination:
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the destination key was listed twice for some reason?

name: <name of destination service>
namespace: <destination namespace>
name: <name of destination service>
namespace: <destination namespace>
jwt:
providers:
name: <JWT-provider-name>
Expand Down Expand Up @@ -238,7 +236,6 @@ spec:
- name: <http header name>
regex: <regex pattern to match>
invert: false
type: consul
description: <description for API responses>
```
</Tab>
Expand Down