CadolesKube/hydra-maester
7
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: CadolesKube:996cd767b7ebdd12e9518dca65a2173a05afae94
Branches Tags
CadolesKube:master CadolesKube:issue-151
...
compare: CadolesKube:issue-151
Branches Tags
CadolesKube:issue-151 CadolesKube:master

10 Commits
996cd767b7 ... issue-151

Author SHA1 Message Date
William Petit
1ed6229e78 feat: add 'UserinfoSignedResponseAlg' attribute to hydra.ory.sh_oauth2clients CRD
Some checks failed
Format / format (push) Failing after 6m3s
Details
CI / Prepare Dependencies (pull_request) Successful in 18m21s
Details
CI / Detected Repo Changes (pull_request) Successful in 8s
Details
Docker Image Scan / docker (pull_request) Failing after 21m14s
Details
Format / format (pull_request) Failing after 4m54s
Details
Licenses / License compliance (pull_request) Successful in 7m42s
Details
CI / Lint GithubAction files (pull_request) Has been skipped
Details
CI / Compile and test (pull_request) Failing after 9m23s
Details
CI / Run integration tests (pull_request) Failing after 15m8s
Details
CI / Build docker image (pull_request) Has been skipped
Details
Conventional commits / Validate PR title (pull_request_target) Failing after 9s
Details
CI / release (pull_request) Has been skipped
Details
2025-03-07 15:09:16 +01:00
ory-bot
e9be45f0b4 chore: update repository templates to 83e71e6e97
Some checks failed
CI / Prepare Dependencies (push) Successful in 19m3s
Details
CI / Detected Repo Changes (push) Successful in 12s
Details
Docker Image Scan / docker (push) Failing after 22m30s
Details
Format / format (push) Successful in 9m19s
Details
Synchronize Issue Labels / Synchronize Issue Labels (push) Has been skipped
Details
Licenses / License compliance (push) Successful in 9m17s
Details
CI / Lint GithubAction files (push) Has been skipped
Details
CI / Compile and test (push) Has been skipped
Details
CI / Run integration tests (push) Has been skipped
Details
CI / Build docker image (push) Has been skipped
Details
CI / release (push) Has been skipped
Details
2025-01-02 13:55:45 +00:00
ory-bot
7ae57adaa1 autogen: update license overview 2025-01-02 12:56:25 +00:00
ory-bot
b04e0a4ab2 chore: update repository templates to 44efd83ab7 2025-01-02 12:21:33 +00:00
ory-bot
80bb30395b chore: update repository templates to c091d79648 2025-01-02 12:18:45 +00:00
ory-bot
e61e2e6041 chore: update repository templates to cb2a20fceb 2024-12-31 10:43:06 +00:00
ory-bot
7f165b64cc chore: update repository templates to 6dd5819712 2024-12-31 10:36:26 +00:00
ory-bot
0cc8ddf593 chore: update repository templates to b1eed8856c 2024-12-30 22:59:19 +00:00
ory-bot
d25e97d335 autogen: update license overview 2024-12-30 13:10:40 +00:00
aeneasr
050546c301 chore: update repository templates to cbb120bd7c 2024-12-30 12:53:35 +00:00
7 changed files with 549 additions and 379 deletions
Expand all files Collapse all files

14
.github/workflows/licenses.yml vendored
View File

@ -8,10 +8,12 @@ on:
push: push:
branches: branches:
- main - main
- v3
- master - master
jobs: jobs:
check: licenses:
name: License compliance
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Install script - name: Install script
@ -20,8 +22,14 @@ jobs:
token: ${{ secrets.ORY_BOT_PAT || secrets.GITHUB_TOKEN }} token: ${{ secrets.ORY_BOT_PAT || secrets.GITHUB_TOKEN }}
- name: Check licenses - name: Check licenses
uses: ory/ci/licenses/check@master uses: ory/ci/licenses/check@master
- name: Write licenses - name: Write, commit, push licenses
uses: ory/ci/licenses/write@master uses: ory/ci/licenses/write@master
if: if:
${{ github.ref == 'refs/heads/main' || github.ref == ${{ github.ref == 'refs/heads/main' || github.ref ==
'refs/heads/master' }} 'refs/heads/master' || github.ref == 'refs/heads/v3' }}
with:
author-email:
${{ secrets.ORY_BOT_PAT &&
'60093411+ory-bot@users.noreply.github.com' ||
format('{0}@users.noreply.github.com', github.actor) }}
author-name: ${{ secrets.ORY_BOT_PAT && 'ory-bot' || github.actor }}

176
.reports/dep-licenses.csv Normal file
View File

@ -0,0 +1,176 @@
"github.com/go-logr/logr","Apache-2.0"
"github.com/asaskevich/govalidator","MIT"
"github.com/go-openapi/errors","Apache-2.0"
"github.com/go-openapi/runtime","Apache-2.0"
"github.com/go-openapi/strfmt","Apache-2.0"
"github.com/go-openapi/swag","Apache-2.0"
"github.com/google/uuid","BSD-3-Clause"
"github.com/josharian/intern","MIT"
"github.com/mailru/easyjson","MIT"
"github.com/mitchellh/mapstructure","MIT"
"github.com/oklog/ulid","Apache-2.0"
"go.mongodb.org/mongo-driver","Apache-2.0"
"golang.org/x/sync/errgroup","BSD-3-Clause"
"gopkg.in/yaml.v3","MIT"
"github.com/fsnotify/fsnotify","BSD-3-Clause"
"github.com/nxadm/tail","MIT"
"github.com/nxadm/tail/ratelimiter","MIT"
"github.com/onsi/ginkgo","MIT"
"github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable","MIT"
"golang.org/x/sys/unix","BSD-3-Clause"
"gopkg.in/tomb.v1","BSD-3-Clause"
"github.com/google/go-cmp/cmp","BSD-3-Clause"
"github.com/onsi/gomega","MIT"
"golang.org/x/net/html","BSD-3-Clause"
"golang.org/x/text","BSD-3-Clause"
"gopkg.in/yaml.v3","MIT"
"github.com/asaskevich/govalidator","MIT"
"github.com/beorn7/perks/quantile","MIT"
"github.com/cespare/xxhash/v2","MIT"
"github.com/davecgh/go-spew/spew","ISC"
"github.com/emicklei/go-restful/v3","MIT"
"github.com/evanphx/json-patch/v5","BSD-3-Clause"
"github.com/fsnotify/fsnotify","BSD-3-Clause"
"github.com/go-logr/logr","Apache-2.0"
"github.com/go-logr/stdr","Apache-2.0"
"github.com/go-logr/zapr","Apache-2.0"
"github.com/go-openapi/analysis","Apache-2.0"
"github.com/go-openapi/errors","Apache-2.0"
"github.com/go-openapi/jsonpointer","Apache-2.0"
"github.com/go-openapi/jsonreference","Apache-2.0"
"github.com/go-openapi/loads","Apache-2.0"
"github.com/go-openapi/runtime","Apache-2.0"
"github.com/go-openapi/runtime/middleware/denco","MIT"
"github.com/go-openapi/spec","Apache-2.0"
"github.com/go-openapi/strfmt","Apache-2.0"
"github.com/go-openapi/swag","Apache-2.0"
"github.com/go-openapi/validate","Apache-2.0"
"github.com/gogo/protobuf","BSD-3-Clause"
"github.com/golang/groupcache/lru","Apache-2.0"
"github.com/golang/protobuf","BSD-3-Clause"
"github.com/google/gnostic-models","Apache-2.0"
"github.com/google/go-cmp/cmp","BSD-3-Clause"
"github.com/google/gofuzz","Apache-2.0"
"github.com/google/uuid","BSD-3-Clause"
"github.com/imdario/mergo","BSD-3-Clause"
"github.com/josharian/intern","MIT"
"github.com/json-iterator/go","MIT"
"github.com/mailru/easyjson","MIT"
"github.com/matttproud/golang_protobuf_extensions/pbutil","Apache-2.0"
"github.com/mitchellh/mapstructure","MIT"
"github.com/modern-go/concurrent","Apache-2.0"
"github.com/modern-go/reflect2","Apache-2.0"
"github.com/munnerz/goautoneg","BSD-3-Clause"
"github.com/oklog/ulid","Apache-2.0"
"github.com/opentracing/opentracing-go","Apache-2.0"
"github.com/ory/hydra-maester","Apache-2.0"
"github.com/pkg/errors","BSD-2-Clause"
"github.com/prometheus/client_golang/prometheus","Apache-2.0"
"github.com/prometheus/client_model/go","Apache-2.0"
"github.com/prometheus/common","Apache-2.0"
"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg","BSD-3-Clause"
"github.com/prometheus/procfs","Apache-2.0"
"github.com/spf13/pflag","BSD-3-Clause"
"go.mongodb.org/mongo-driver","Apache-2.0"
"go.opentelemetry.io/otel","Apache-2.0"
"go.opentelemetry.io/otel/metric","Apache-2.0"
"go.opentelemetry.io/otel/trace","Apache-2.0"
"go.uber.org/multierr","MIT"
"go.uber.org/zap","MIT"
"golang.org/x/exp/maps","BSD-3-Clause"
"golang.org/x/net","BSD-3-Clause"
"golang.org/x/oauth2","BSD-3-Clause"
"golang.org/x/sync/errgroup","BSD-3-Clause"
"golang.org/x/sys/unix","BSD-3-Clause"
"golang.org/x/term","BSD-3-Clause"
"golang.org/x/text","BSD-3-Clause"
"golang.org/x/time/rate","BSD-3-Clause"
"gomodules.xyz/jsonpatch/v2","Apache-2.0"
"google.golang.org/protobuf","BSD-3-Clause"
"gopkg.in/inf.v0","BSD-3-Clause"
"gopkg.in/yaml.v2","Apache-2.0"
"gopkg.in/yaml.v3","MIT"
"k8s.io/api","Apache-2.0"
"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions","Apache-2.0"
"k8s.io/apimachinery/pkg","Apache-2.0"
"k8s.io/apimachinery/third_party/forked/golang","BSD-3-Clause"
"k8s.io/client-go","Apache-2.0"
"k8s.io/klog/v2","Apache-2.0"
"k8s.io/kube-openapi/pkg","Apache-2.0"
"k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json","BSD-3-Clause"
"k8s.io/kube-openapi/pkg/validation/spec","Apache-2.0"
"k8s.io/utils","Apache-2.0"
"k8s.io/utils/internal/third_party/forked/golang/net","BSD-3-Clause"
"sigs.k8s.io/controller-runtime","Apache-2.0"
"sigs.k8s.io/json","Apache-2.0"
"sigs.k8s.io/json","BSD-3-Clause"
"sigs.k8s.io/structured-merge-diff/v4","Apache-2.0"
"sigs.k8s.io/yaml","MIT"
"sigs.k8s.io/yaml","BSD-3-Clause"
"github.com/stretchr/testify","MIT"
"k8s.io/api","Apache-2.0"
"k8s.io/apimachinery","Apache-2.0"
"k8s.io/client-go","Apache-2.0"
"github.com/beorn7/perks/quantile","MIT"
"github.com/cespare/xxhash/v2","MIT"
"github.com/davecgh/go-spew/spew","ISC"
"github.com/emicklei/go-restful/v3","MIT"
"github.com/evanphx/json-patch/v5","BSD-3-Clause"
"github.com/fsnotify/fsnotify","BSD-3-Clause"
"github.com/go-logr/logr","Apache-2.0"
"github.com/go-openapi/jsonpointer","Apache-2.0"
"github.com/go-openapi/jsonreference","Apache-2.0"
"github.com/go-openapi/swag","Apache-2.0"
"github.com/gogo/protobuf","BSD-3-Clause"
"github.com/golang/groupcache/lru","Apache-2.0"
"github.com/golang/protobuf","BSD-3-Clause"
"github.com/google/gnostic-models","Apache-2.0"
"github.com/google/go-cmp/cmp","BSD-3-Clause"
"github.com/google/gofuzz","Apache-2.0"
"github.com/google/uuid","BSD-3-Clause"
"github.com/imdario/mergo","BSD-3-Clause"
"github.com/josharian/intern","MIT"
"github.com/json-iterator/go","MIT"
"github.com/mailru/easyjson","MIT"
"github.com/matttproud/golang_protobuf_extensions/pbutil","Apache-2.0"
"github.com/modern-go/concurrent","Apache-2.0"
"github.com/modern-go/reflect2","Apache-2.0"
"github.com/munnerz/goautoneg","BSD-3-Clause"
"github.com/pkg/errors","BSD-2-Clause"
"github.com/prometheus/client_golang/prometheus","Apache-2.0"
"github.com/prometheus/client_model/go","Apache-2.0"
"github.com/prometheus/common","Apache-2.0"
"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg","BSD-3-Clause"
"github.com/prometheus/procfs","Apache-2.0"
"github.com/spf13/pflag","BSD-3-Clause"
"golang.org/x/exp/maps","BSD-3-Clause"
"golang.org/x/net","BSD-3-Clause"
"golang.org/x/oauth2","BSD-3-Clause"
"golang.org/x/sys/unix","BSD-3-Clause"
"golang.org/x/term","BSD-3-Clause"
"golang.org/x/text","BSD-3-Clause"
"golang.org/x/time/rate","BSD-3-Clause"
"gomodules.xyz/jsonpatch/v2","Apache-2.0"
"google.golang.org/protobuf","BSD-3-Clause"
"gopkg.in/inf.v0","BSD-3-Clause"
"gopkg.in/yaml.v2","Apache-2.0"
"gopkg.in/yaml.v3","MIT"
"k8s.io/api","Apache-2.0"
"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions","Apache-2.0"
"k8s.io/apimachinery/pkg","Apache-2.0"
"k8s.io/apimachinery/third_party/forked/golang","BSD-3-Clause"
"k8s.io/client-go","Apache-2.0"
"k8s.io/klog/v2","Apache-2.0"
"k8s.io/kube-openapi/pkg","Apache-2.0"
"k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json","BSD-3-Clause"
"k8s.io/kube-openapi/pkg/validation/spec","Apache-2.0"
"k8s.io/utils","Apache-2.0"
"k8s.io/utils/internal/third_party/forked/golang/net","BSD-3-Clause"
"sigs.k8s.io/controller-runtime","Apache-2.0"
"sigs.k8s.io/json","Apache-2.0"
"sigs.k8s.io/json","BSD-3-Clause"
"sigs.k8s.io/structured-merge-diff/v4","Apache-2.0"
"sigs.k8s.io/yaml","MIT"
"sigs.k8s.io/yaml","BSD-3-Clause"
1 github.com/go-logr/logr Apache-2.0
2 github.com/asaskevich/govalidator MIT
3 github.com/go-openapi/errors Apache-2.0
4 github.com/go-openapi/runtime Apache-2.0
5 github.com/go-openapi/strfmt Apache-2.0
6 github.com/go-openapi/swag Apache-2.0
7 github.com/google/uuid BSD-3-Clause
8 github.com/josharian/intern MIT
9 github.com/mailru/easyjson MIT
10 github.com/mitchellh/mapstructure MIT
11 github.com/oklog/ulid Apache-2.0
12 go.mongodb.org/mongo-driver Apache-2.0
13 golang.org/x/sync/errgroup BSD-3-Clause
14 gopkg.in/yaml.v3 MIT
15 github.com/fsnotify/fsnotify BSD-3-Clause
16 github.com/nxadm/tail MIT
17 github.com/nxadm/tail/ratelimiter MIT
18 github.com/onsi/ginkgo MIT
19 github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable MIT
20 golang.org/x/sys/unix BSD-3-Clause
21 gopkg.in/tomb.v1 BSD-3-Clause
22 github.com/google/go-cmp/cmp BSD-3-Clause
23 github.com/onsi/gomega MIT
24 golang.org/x/net/html BSD-3-Clause
25 golang.org/x/text BSD-3-Clause
26 gopkg.in/yaml.v3 MIT
27 github.com/asaskevich/govalidator MIT
28 github.com/beorn7/perks/quantile MIT
29 github.com/cespare/xxhash/v2 MIT
30 github.com/davecgh/go-spew/spew ISC
31 github.com/emicklei/go-restful/v3 MIT
32 github.com/evanphx/json-patch/v5 BSD-3-Clause
33 github.com/fsnotify/fsnotify BSD-3-Clause
34 github.com/go-logr/logr Apache-2.0
35 github.com/go-logr/stdr Apache-2.0
36 github.com/go-logr/zapr Apache-2.0
37 github.com/go-openapi/analysis Apache-2.0
38 github.com/go-openapi/errors Apache-2.0
39 github.com/go-openapi/jsonpointer Apache-2.0
40 github.com/go-openapi/jsonreference Apache-2.0
41 github.com/go-openapi/loads Apache-2.0
42 github.com/go-openapi/runtime Apache-2.0
43 github.com/go-openapi/runtime/middleware/denco MIT
44 github.com/go-openapi/spec Apache-2.0
45 github.com/go-openapi/strfmt Apache-2.0
46 github.com/go-openapi/swag Apache-2.0
47 github.com/go-openapi/validate Apache-2.0
48 github.com/gogo/protobuf BSD-3-Clause
49 github.com/golang/groupcache/lru Apache-2.0
50 github.com/golang/protobuf BSD-3-Clause
51 github.com/google/gnostic-models Apache-2.0
52 github.com/google/go-cmp/cmp BSD-3-Clause
53 github.com/google/gofuzz Apache-2.0
54 github.com/google/uuid BSD-3-Clause
55 github.com/imdario/mergo BSD-3-Clause
56 github.com/josharian/intern MIT
57 github.com/json-iterator/go MIT
58 github.com/mailru/easyjson MIT
59 github.com/matttproud/golang_protobuf_extensions/pbutil Apache-2.0
60 github.com/mitchellh/mapstructure MIT
61 github.com/modern-go/concurrent Apache-2.0
62 github.com/modern-go/reflect2 Apache-2.0
63 github.com/munnerz/goautoneg BSD-3-Clause
64 github.com/oklog/ulid Apache-2.0
65 github.com/opentracing/opentracing-go Apache-2.0
66 github.com/ory/hydra-maester Apache-2.0
67 github.com/pkg/errors BSD-2-Clause
68 github.com/prometheus/client_golang/prometheus Apache-2.0
69 github.com/prometheus/client_model/go Apache-2.0
70 github.com/prometheus/common Apache-2.0
71 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg BSD-3-Clause
72 github.com/prometheus/procfs Apache-2.0
73 github.com/spf13/pflag BSD-3-Clause
74 go.mongodb.org/mongo-driver Apache-2.0
75 go.opentelemetry.io/otel Apache-2.0
76 go.opentelemetry.io/otel/metric Apache-2.0
77 go.opentelemetry.io/otel/trace Apache-2.0
78 go.uber.org/multierr MIT
79 go.uber.org/zap MIT
80 golang.org/x/exp/maps BSD-3-Clause
81 golang.org/x/net BSD-3-Clause
82 golang.org/x/oauth2 BSD-3-Clause
83 golang.org/x/sync/errgroup BSD-3-Clause
84 golang.org/x/sys/unix BSD-3-Clause
85 golang.org/x/term BSD-3-Clause
86 golang.org/x/text BSD-3-Clause
87 golang.org/x/time/rate BSD-3-Clause
88 gomodules.xyz/jsonpatch/v2 Apache-2.0
89 google.golang.org/protobuf BSD-3-Clause
90 gopkg.in/inf.v0 BSD-3-Clause
91 gopkg.in/yaml.v2 Apache-2.0
92 gopkg.in/yaml.v3 MIT
93 k8s.io/api Apache-2.0
94 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions Apache-2.0
95 k8s.io/apimachinery/pkg Apache-2.0
96 k8s.io/apimachinery/third_party/forked/golang BSD-3-Clause
97 k8s.io/client-go Apache-2.0
98 k8s.io/klog/v2 Apache-2.0
99 k8s.io/kube-openapi/pkg Apache-2.0
100 k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json BSD-3-Clause
101 k8s.io/kube-openapi/pkg/validation/spec Apache-2.0
102 k8s.io/utils Apache-2.0
103 k8s.io/utils/internal/third_party/forked/golang/net BSD-3-Clause
104 sigs.k8s.io/controller-runtime Apache-2.0
105 sigs.k8s.io/json Apache-2.0
106 sigs.k8s.io/json BSD-3-Clause
107 sigs.k8s.io/structured-merge-diff/v4 Apache-2.0
108 sigs.k8s.io/yaml MIT
109 sigs.k8s.io/yaml BSD-3-Clause
110 github.com/stretchr/testify MIT
111 k8s.io/api Apache-2.0
112 k8s.io/apimachinery Apache-2.0
113 k8s.io/client-go Apache-2.0
114 github.com/beorn7/perks/quantile MIT
115 github.com/cespare/xxhash/v2 MIT
116 github.com/davecgh/go-spew/spew ISC
117 github.com/emicklei/go-restful/v3 MIT
118 github.com/evanphx/json-patch/v5 BSD-3-Clause
119 github.com/fsnotify/fsnotify BSD-3-Clause
120 github.com/go-logr/logr Apache-2.0
121 github.com/go-openapi/jsonpointer Apache-2.0
122 github.com/go-openapi/jsonreference Apache-2.0
123 github.com/go-openapi/swag Apache-2.0
124 github.com/gogo/protobuf BSD-3-Clause
125 github.com/golang/groupcache/lru Apache-2.0
126 github.com/golang/protobuf BSD-3-Clause
127 github.com/google/gnostic-models Apache-2.0
128 github.com/google/go-cmp/cmp BSD-3-Clause
129 github.com/google/gofuzz Apache-2.0
130 github.com/google/uuid BSD-3-Clause
131 github.com/imdario/mergo BSD-3-Clause
132 github.com/josharian/intern MIT
133 github.com/json-iterator/go MIT
134 github.com/mailru/easyjson MIT
135 github.com/matttproud/golang_protobuf_extensions/pbutil Apache-2.0
136 github.com/modern-go/concurrent Apache-2.0
137 github.com/modern-go/reflect2 Apache-2.0
138 github.com/munnerz/goautoneg BSD-3-Clause
139 github.com/pkg/errors BSD-2-Clause
140 github.com/prometheus/client_golang/prometheus Apache-2.0
141 github.com/prometheus/client_model/go Apache-2.0
142 github.com/prometheus/common Apache-2.0
143 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg BSD-3-Clause
144 github.com/prometheus/procfs Apache-2.0
145 github.com/spf13/pflag BSD-3-Clause
146 golang.org/x/exp/maps BSD-3-Clause
147 golang.org/x/net BSD-3-Clause
148 golang.org/x/oauth2 BSD-3-Clause
149 golang.org/x/sys/unix BSD-3-Clause
150 golang.org/x/term BSD-3-Clause
151 golang.org/x/text BSD-3-Clause
152 golang.org/x/time/rate BSD-3-Clause
153 gomodules.xyz/jsonpatch/v2 Apache-2.0
154 google.golang.org/protobuf BSD-3-Clause
155 gopkg.in/inf.v0 BSD-3-Clause
156 gopkg.in/yaml.v2 Apache-2.0
157 gopkg.in/yaml.v3 MIT
158 k8s.io/api Apache-2.0
159 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions Apache-2.0
160 k8s.io/apimachinery/pkg Apache-2.0
161 k8s.io/apimachinery/third_party/forked/golang BSD-3-Clause
162 k8s.io/client-go Apache-2.0
163 k8s.io/klog/v2 Apache-2.0
164 k8s.io/kube-openapi/pkg Apache-2.0
165 k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json BSD-3-Clause
166 k8s.io/kube-openapi/pkg/validation/spec Apache-2.0
167 k8s.io/utils Apache-2.0
168 k8s.io/utils/internal/third_party/forked/golang/net BSD-3-Clause
169 sigs.k8s.io/controller-runtime Apache-2.0
170 sigs.k8s.io/json Apache-2.0
171 sigs.k8s.io/json BSD-3-Clause
172 sigs.k8s.io/structured-merge-diff/v4 Apache-2.0
173 sigs.k8s.io/yaml MIT
174 sigs.k8s.io/yaml BSD-3-Clause

5
api/v1alpha1/oauth2client_types.go
View File

@ -225,6 +225,11 @@ type OAuth2ClientSpec struct {
// Indicates if a deleted OAuth2Client custom resource should delete the database row or not. // Indicates if a deleted OAuth2Client custom resource should delete the database row or not.
// Value 1 means deletion of the OAuth2 client, value 2 means keep an orphan oauth2 client. // Value 1 means deletion of the OAuth2 client, value 2 means keep an orphan oauth2 client.
DeletionPolicy OAuth2ClientDeletionPolicy `json:"deletionPolicy,omitempty"` DeletionPolicy OAuth2ClientDeletionPolicy `json:"deletionPolicy,omitempty"`
// +kubebuilder:validation:type=string
//
// UserInfoSignedResponseAlg value specifying the JWS alg algorithm for signing UserInfo Responses
UserInfoSignedResponseAlg string `json:"userInfoSignedResponseAlg,omitempty"`
} }
// GrantType represents an OAuth 2.0 grant type // GrantType represents an OAuth 2.0 grant type

143
config/crd/bases/hydra.ory.sh_oauth2clients.yaml
View File

@ -37,75 +37,64 @@ spec:
metadata: metadata:
type: object type: object
spec: spec:
description: description: OAuth2ClientSpec defines the desired state of OAuth2Client
OAuth2ClientSpec defines the desired state of OAuth2Client
properties: properties:
allowedCorsOrigins: allowedCorsOrigins:
description: description: AllowedCorsOrigins is an array of allowed CORS origins
AllowedCorsOrigins is an array of allowed CORS origins
items: items:
description: description: RedirectURI represents a redirect URI for the client
RedirectURI represents a redirect URI for the client
pattern: \w+:/?/?[^\s]+ pattern: \w+:/?/?[^\s]+
type: string type: string
type: array type: array
audience: audience:
description: description: Audience is a whitelist defining the audiences this client
Audience is a whitelist defining the audiences this client
is allowed to request tokens for is allowed to request tokens for
items: items:
type: string type: string
type: array type: array
backChannelLogoutSessionRequired: backChannelLogoutSessionRequired:
default: false default: false
description: description: BackChannelLogoutSessionRequired Boolean value specifying
BackChannelLogoutSessionRequired Boolean value specifying whether the RP requires that a sid (session ID) Claim be included
whether the RP requires that a sid (session ID) Claim be in the Logout Token to identify the RP session with the OP when
included in the Logout Token to identify the RP session with the backchannel_logout_uri is used. If omitted, the default value
the OP when the backchannel_logout_uri is used. If omitted, is false.
the default value is false.
type: boolean type: boolean
backChannelLogoutURI: backChannelLogoutURI:
description: description: BackChannelLogoutURI RP URL that will cause the RP to
BackChannelLogoutURI RP URL that will cause the RP to log log itself out when sent a Logout Token by the OP
itself out when sent a Logout Token by the OP
pattern: (^$|^https?://.*) pattern: (^$|^https?://.*)
type: string type: string
clientName: clientName:
description: description: ClientName is the human-readable string name of the client
ClientName is the human-readable string name of the client
to be presented to the end-user during authorization. to be presented to the end-user during authorization.
type: string type: string
deletionPolicy: deletionPolicy:
description: |- description: |-
Indicates if a deleted OAuth2Client custom resource should delete the database row or not. Indicates if a deleted OAuth2Client custom resource should delete the database row or not.
Value 0 means deletion of the OAuth2 client, value 1 means keep an orphan oauth2 client. Value 1 means deletion of the OAuth2 client, value 2 means keep an orphan oauth2 client.
enum: enum:
- 0
- 1 - 1
- 2
type: integer type: integer
frontChannelLogoutSessionRequired: frontChannelLogoutSessionRequired:
default: false default: false
description: description: FrontChannelLogoutSessionRequired Boolean value specifying
FrontChannelLogoutSessionRequired Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query
whether the RP requires that iss (issuer) and sid (session parameters be included to identify the RP session with the OP when
ID) query parameters be included to identify the RP session the frontchannel_logout_uri is used
with the OP when the frontchannel_logout_uri is used
type: boolean type: boolean
frontChannelLogoutURI: frontChannelLogoutURI:
description: description: FrontChannelLogoutURI RP URL that will cause the RP to
FrontChannelLogoutURI RP URL that will cause the RP to log log itself out when rendered in an iframe by the OP. An iss (issuer)
itself out when rendered in an iframe by the OP. An iss query parameter and a sid (session ID) query parameter MAY be included
(issuer) query parameter and a sid (session ID) query by the OP to enable the RP to validate the request and to determine
parameter MAY be included by the OP to enable the RP to which of the potentially multiple sessions is to be logged out;
validate the request and to determine which of the if either is included, both MUST be
potentially multiple sessions is to be logged out; if either
is included, both MUST be
pattern: (^$|^https?://.*) pattern: (^$|^https?://.*)
type: string type: string
grantTypes: grantTypes:
description: description: GrantTypes is an array of grant types the client is allowed
GrantTypes is an array of grant types the client is allowed
to use. to use.
items: items:
description: GrantType represents an OAuth 2.0 grant type description: GrantType represents an OAuth 2.0 grant type
@ -155,10 +144,9 @@ spec:
type: string type: string
type: object type: object
jwksUri: jwksUri:
description: description: JwksUri Define the URL where the JSON Web Key Set should
JwksUri Define the URL where the JSON Web Key Set should be be fetched from when performing the private_key_jwt client authentication
fetched from when performing the private_key_jwt client method.
authentication method.
pattern: (^$|^https?://.*) pattern: (^$|^https?://.*)
type: string type: string
metadata: metadata:
@ -167,22 +155,18 @@ spec:
type: object type: object
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
postLogoutRedirectUris: postLogoutRedirectUris:
description: description: PostLogoutRedirectURIs is an array of the post logout
PostLogoutRedirectURIs is an array of the post logout
redirect URIs allowed for the application redirect URIs allowed for the application
items: items:
description: description: RedirectURI represents a redirect URI for the client
RedirectURI represents a redirect URI for the client
pattern: \w+:/?/?[^\s]+ pattern: \w+:/?/?[^\s]+
type: string type: string
type: array type: array
redirectUris: redirectUris:
description: description: RedirectURIs is an array of the redirect URIs allowed
RedirectURIs is an array of the redirect URIs allowed for for the application
the application
items: items:
description: description: RedirectURI represents a redirect URI for the client
RedirectURI represents a redirect URI for the client
pattern: \w+:/?/?[^\s]+ pattern: \w+:/?/?[^\s]+
type: string type: string
type: array type: array
@ -191,8 +175,8 @@ spec:
ResponseTypes is an array of the OAuth 2.0 response type strings that the client can ResponseTypes is an array of the OAuth 2.0 response type strings that the client can
use at the authorization endpoint. use at the authorization endpoint.
items: items:
description: description: ResponseType represents an OAuth 2.0 response type
ResponseType represents an OAuth 2.0 response type strings strings
enum: enum:
- id_token - id_token
- code - code
@ -221,8 +205,7 @@ spec:
type: string type: string
type: array type: array
secretName: secretName:
description: description: SecretName points to the K8s secret that contains this
SecretName points to the K8s secret that contains this
client's ID and password client's ID and password
maxLength: 253 maxLength: 253
minLength: 1 minLength: 1
@ -230,8 +213,7 @@ spec:
type: string type: string
skipConsent: skipConsent:
default: false default: false
description: description: SkipConsent skips the consent screen for this client.
SkipConsent skips the consent screen for this client.
type: boolean type: boolean
tokenEndpointAuthMethod: tokenEndpointAuthMethod:
allOf: allOf:
@ -245,9 +227,8 @@ spec:
- client_secret_post - client_secret_post
- private_key_jwt - private_key_jwt
- none - none
description: description: Indication which authentication method should be used
Indication which authentication method should be used for for the token endpoint
the token endpoint
type: string type: string
tokenLifespans: tokenLifespans:
description: |- description: |-
@ -258,76 +239,78 @@ spec:
description: |- description: |-
AuthorizationCodeGrantAccessTokenLifespan is the access token lifespan AuthorizationCodeGrantAccessTokenLifespan is the access token lifespan
issued on an authorization_code grant. issued on an authorization_code grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
authorization_code_grant_id_token_lifespan: authorization_code_grant_id_token_lifespan:
description: |- description: |-
AuthorizationCodeGrantIdTokenLifespan is the id token lifespan AuthorizationCodeGrantIdTokenLifespan is the id token lifespan
issued on an authorization_code grant. issued on an authorization_code grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
authorization_code_grant_refresh_token_lifespan: authorization_code_grant_refresh_token_lifespan:
description: |- description: |-
AuthorizationCodeGrantRefreshTokenLifespan is the refresh token lifespan AuthorizationCodeGrantRefreshTokenLifespan is the refresh token lifespan
issued on an authorization_code grant. issued on an authorization_code grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
client_credentials_grant_access_token_lifespan: client_credentials_grant_access_token_lifespan:
description: |- description: |-
AuthorizationCodeGrantRefreshTokenLifespan is the access token lifespan AuthorizationCodeGrantRefreshTokenLifespan is the access token lifespan
issued on a client_credentials grant. issued on a client_credentials grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
implicit_grant_access_token_lifespan: implicit_grant_access_token_lifespan:
description: |- description: |-
ImplicitGrantAccessTokenLifespan is the access token lifespan ImplicitGrantAccessTokenLifespan is the access token lifespan
issued on an implicit grant. issued on an implicit grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
implicit_grant_id_token_lifespan: implicit_grant_id_token_lifespan:
description: |- description: |-
ImplicitGrantIdTokenLifespan is the id token lifespan ImplicitGrantIdTokenLifespan is the id token lifespan
issued on an implicit grant. issued on an implicit grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
jwt_bearer_grant_access_token_lifespan: jwt_bearer_grant_access_token_lifespan:
description: |- description: |-
JwtBearerGrantAccessTokenLifespan is the access token lifespan JwtBearerGrantAccessTokenLifespan is the access token lifespan
issued on a jwt_bearer grant. issued on a jwt_bearer grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
refresh_token_grant_access_token_lifespan: refresh_token_grant_access_token_lifespan:
description: |- description: |-
RefreshTokenGrantAccessTokenLifespan is the access token lifespan RefreshTokenGrantAccessTokenLifespan is the access token lifespan
issued on a refresh_token grant. issued on a refresh_token grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
refresh_token_grant_id_token_lifespan: refresh_token_grant_id_token_lifespan:
description: |- description: |-
RefreshTokenGrantIdTokenLifespan is the id token lifespan RefreshTokenGrantIdTokenLifespan is the id token lifespan
issued on a refresh_token grant. issued on a refresh_token grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
refresh_token_grant_refresh_token_lifespan: refresh_token_grant_refresh_token_lifespan:
description: |- description: |-
RefreshTokenGrantRefreshTokenLifespan is the refresh token lifespan RefreshTokenGrantRefreshTokenLifespan is the refresh token lifespan
issued on a refresh_token grant. issued on a refresh_token grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)" pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string type: string
type: object type: object
userInfoSignedResponseAlg:
description: UserInfoSignedResponseAlg value specifying the JWS alg
algorithm for signing UserInfo Responses
type: string
required: required:
- grantTypes - grantTypes
- secretName - secretName
type: object type: object
status: status:
description: description: OAuth2ClientStatus defines the observed state of OAuth2Client
OAuth2ClientStatus defines the observed state of OAuth2Client
properties: properties:
conditions: conditions:
items: items:
description: description: OAuth2ClientCondition contains condition information
OAuth2ClientCondition contains condition information for for an OAuth2Client
an OAuth2Client
properties: properties:
status: status:
enum: enum:
@ -343,24 +326,20 @@ spec:
type: object type: object
type: array type: array
observedGeneration: observedGeneration:
description: description: ObservedGeneration represents the most recent generation
ObservedGeneration represents the most recent generation
observed by the daemon set controller. observed by the daemon set controller.
format: int64 format: int64
type: integer type: integer
reconciliationError: reconciliationError:
description: description: ReconciliationError represents an error that occurred
ReconciliationError represents an error that occurred during during the reconciliation process
the reconciliation process
properties: properties:
description: description:
description: description: Description is the description of the reconciliation
Description is the description of the reconciliation
error error
type: string type: string
statusCode: statusCode:
description: description: Code is the status code of the reconciliation error
Code is the status code of the reconciliation error
type: string type: string
type: object type: object
type: object type: object

2
config/default/manager_image_patch.yaml
View File

@ -8,6 +8,6 @@ spec:
spec: spec:
containers: containers:
# Change the value of image field below to your controller image URL # Change the value of image field below to your controller image URL
- image: controller:latest - image: reg.cadoles.com/wpetit/hydra-maester
name: manager name: manager
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent

6
config/rbac/role.yaml
View File

@ -4,7 +4,7 @@ kind: ClusterRole
metadata: metadata:
name: manager-role name: manager-role
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- secrets - secrets
@ -16,7 +16,7 @@ rules:
- patch - patch
- update - update
- watch - watch
- apiGroups: - apiGroups:
- hydra.ory.sh - hydra.ory.sh
resources: resources:
- oauth2clients - oauth2clients
@ -28,7 +28,7 @@ rules:
- patch - patch
- update - update
- watch - watch
- apiGroups: - apiGroups:
- hydra.ory.sh - hydra.ory.sh
resources: resources:
- oauth2clients/status - oauth2clients/status

2
hydra/types.go
View File

@ -44,6 +44,7 @@ type OAuth2ClientJSON struct {
RefreshTokenGrantAccessTokenLifespan string `json:"refresh_token_grant_access_token_lifespan,omitempty"` RefreshTokenGrantAccessTokenLifespan string `json:"refresh_token_grant_access_token_lifespan,omitempty"`
RefreshTokenGrantIdTokenLifespan string `json:"refresh_token_grant_id_token_lifespan,omitempty"` RefreshTokenGrantIdTokenLifespan string `json:"refresh_token_grant_id_token_lifespan,omitempty"`
RefreshTokenGrantRefreshTokenLifespan string `json:"refresh_token_grant_refresh_token_lifespan,omitempty"` RefreshTokenGrantRefreshTokenLifespan string `json:"refresh_token_grant_refresh_token_lifespan,omitempty"`
UserInfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty"`
} }
// Oauth2ClientCredentials represents client ID and password fetched from a // Oauth2ClientCredentials represents client ID and password fetched from a
@ -104,6 +105,7 @@ func FromOAuth2Client(c *hydrav1alpha1.OAuth2Client) (*OAuth2ClientJSON, error)
RefreshTokenGrantAccessTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantAccessTokenLifespan, RefreshTokenGrantAccessTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantAccessTokenLifespan,
RefreshTokenGrantIdTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantIdTokenLifespan, RefreshTokenGrantIdTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantIdTokenLifespan,
RefreshTokenGrantRefreshTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantRefreshTokenLifespan, RefreshTokenGrantRefreshTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantRefreshTokenLifespan,
UserInfoSignedResponseAlg: c.Spec.UserInfoSignedResponseAlg,
}, nil }, nil
} }