Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds a validator host ID for validating basic authentication #136

Merged
merged 1 commit into from
Apr 20, 2021
Merged

Adds a validator host ID for validating basic authentication #136

merged 1 commit into from
Apr 20, 2021

Conversation

diverdane
Copy link
Contributor

This change adds a special validator host ID with name 'validator'
for validating basic authentication functionality. This validator
host is very limited in what it is permitted to access:

  • The validator host ID can only be used for authentication requests
    from the CONJUR_NAMESPACE_NAME Namespace.
  • The validator host ID does not have access to any secrets.

The inclusion of a special validator will be suggested as an option that will
allow users to be able to validate the Kubernetes authenticator configuration
following Kubernetes cluster preparation or after application Namespace
preparation. This is described in this document:
https://github.com/cyberark/conjur-authn-k8s-client/blob/master/design/simple-client-configuration.md

@diverdane diverdane self-assigned this Apr 19, 2021
rpothier
rpothier reviewed Apr 19, 2021
View reviewed changes
Copy link
Contributor

@rpothier rpothier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.
although someone more familiar with it should approve.

doodlesbykumbi
doodlesbykumbi reviewed Apr 19, 2021
View reviewed changes
Copy link
Contributor

@doodlesbykumbi doodlesbykumbi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Left a single comment to combine all the grants on the users layer in a single place

@diverdane diverdane force-pushed the add-validator-host-id branch from d5ff702 to aa8f27c Compare April 19, 2021 14:49
Adds a validator host ID for validating basic authentication
f471326 
This change adds a special validator host ID with name 'validator'
for validating basic authentication functionality. This validator
host is very limited in what it is permitted to access:

- The validator host ID can only be used for authentication requests
  from the CONJUR_NAMESPACE_NAME Namespace.
- The validator host ID does not have access to any secrets.
@diverdane diverdane force-pushed the add-validator-host-id branch from aa8f27c to f471326 Compare April 19, 2021 18:46
@doodlesbykumbi doodlesbykumbi merged commit 70dd4a5 into master Apr 20, 2021
@doodlesbykumbi doodlesbykumbi deleted the add-validator-host-id branch April 20, 2021 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rpothier rpothier rpothier left review comments

@doodlesbykumbi doodlesbykumbi doodlesbykumbi approved these changes

Assignees

@diverdane diverdane

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@diverdane @rpothier @doodlesbykumbi