Skip to content

Commit

Permalink
correction
Browse files Browse the repository at this point in the history
  • Loading branch information
@andrewazores
andrewazores committed May 30, 2024
1 parent 3e833f5 commit 1708454
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ and how it advertises itself to a Cryostat server instance. Properties that requ
- [ ] `cryostat.agent.instance-id` [`String`]: a unique ID for this agent instance. This will be used to uniquely identify the agent in the Cryostat discovery database, as well as to unambiguously match its encrypted stored credentials. The default is a random UUID string. It is not recommended to override this value.
- [ ] `cryostat.agent.hostname` [`String`]: the hostname for this application instance. This will be used for the published JMX connection URL. If not provided then the default is to attempt to resolve the localhost hostname.
- [ ] `cryostat.agent.realm` [`String`]: the Cryostat Discovery API "realm" that this agent belongs to. This should be unique per agent instance. The default is the value of `cryostat.agent.app.name`.
- [ ] `cryostat.agent.authorization` [`String`]: `Authorization` header value to include with API requests to the Cryostat server, ex. `Bearer abcd1234`. Takes precedence over `cryostat.agent.authorization.type` and `cryostat.agent.authorization.value`. Defaults to the empty string, so no `Authorization` header is sent.
- [ ] `cryostat.agent.authorization` [`String`]: `Authorization` header value to include with API requests to the Cryostat server, ex. `Bearer abcd1234`. Takes precedence over `cryostat.agent.authorization.type` and `cryostat.agent.authorization.value`. Defaults to the empty string, so `cryostat.agent.authorization.type` and `cryostat.agent.authorization.value` are used instead.
- [ ] `cryostat.agent.authorization.type` [`String`]: may be `basic`, `bearer`, `kubernetes`, `none`, or `auto`. Each performs a mapping of the `cryostat.agent.authorization.value` to produce an `Authorization` header (see above). `basic` encodes the value using base64 to produce a `Basic base64(value)` header, `bearer` directly embeds the value into a `Bearer value` header, `kubernetes` reads the value as a file location to produce a `Bearer fileAsString(value)` header, `none` produces no header. Default `auto`, which tries to do `kubernetes` first and falls back on `none`.
- [ ] `cryostat.agent.authorization.value` [`String`]: the value to map into an `Authorization` header. If the `cryostat.agent.authorization.type` is `basic` then this should be the unencoded basic credentials, ex. `user:pass`. If `bearer` then it should be the token to be presented. If `kubernetes` it should be the filesystem path to the service account token secret file. If `none` it is ignored. Default `/var/run/secrets/kubernetes.io/serviceaccount/token`, the standard location for Kubernetes serviceaccount token secret files.
- [ ] `cryostat.agent.webclient.ssl.trust-all` [`boolean`]: Control whether the agent trusts all certificates presented by the Cryostat server. Default `false`. This should only be overridden for development and testing purposes, never in production.
Expand Down

0 comments on commit 1708454

Please sign in to comment.