CadolesKube/hydra-maester
7
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
hydra-maester/README.md
Jakub Błaszczyk ede5d881eb
feat: move release to gha (#137)
2023-10-26 15:32:50 +02:00

96 lines
4.6 KiB
Markdown
Raw Permalink Blame History

<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
- [Ory Hydra Maester](#ory-hydra-maester)
- [Prerequisites](#prerequisites)
- [Design](#design)
- [How to use it](#how-to-use-it)
- [Command-line flags](#command-line-flags)
- [Development](#development)
- [Testing](#testing)
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
# Ory Hydra Maester
⚠️ ⚠️ ⚠️
> Ory Hydra Maester is developed by the Ory community and is not actively
> maintained by Ory core maintainers due to lack of resources, time, and
> knolwedge. As such please be aware that there might be issues with the system.
> If you have ideas for better testing and development principles please open an
> issue or PR!
⚠️ ⚠️ ⚠️
This project contains a Kubernetes controller that uses Custom Resources (CR) to
manage Hydra Oauth2 clients. ORY Hydra Maester watches for instances of
`oauth2clients.hydra.ory.sh/v1alpha1` CR and creates, updates, or deletes
corresponding OAuth2 clients by communicating with ORY Hydra's API.
Visit Hydra-maester's
[chart documentation](https://github.com/ory/k8s/blob/master/docs/helm/hydra-maester.md)
and view [sample OAuth2 client resources](config/samples) to learn more about
the `oauth2clients.hydra.ory.sh/v1alpha1` CR.
The project is based on
[Kubebuilder](https://github.com/kubernetes-sigs/kubebuilder).
## Prerequisites
- recent version of Go language with support for modules (e.g: 1.12.6)
- make
- kubectl
- kustomize
- [kubebuilder](https://github.com/kubernetes-sigs/kubebuilder) for running
tests
- [ginkgo](https://onsi.github.io/ginkgo/) for local integration testing
- access to K8s environment: minikube or a remote K8s cluster
- [mockery](https://github.com/vektra/mockery) to generate mocks for testing
purposes
## Design
Take a look at [Design Readme](./docs/README.md).
## How to use it
- `make test` to run tests
- `make test-integration` to run integration tests
- `make install` to generate CRD file from go sources and install it on the
cluster
- `export HYDRA_URL={HYDRA_SERVICE_URL} && make run` to run the controller
To deploy the controller, edit the value of the `--hydra-url` argument in the
[manager.yaml](config/manager/manager.yaml) file and run `make deploy`.
### Command-line flags
| Name | Required | Description | Default value | Example values |
| ---------------------------- | -------- | ---------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------------------- |
| **hydra-url** | yes | ORY Hydra's service address | - | ` ory-hydra-admin.ory.svc.cluster.local` |
| **hydra-port** | no | ORY Hydra's service port | `4445` | `4445` |
| **tls-trust-store** | no | TLS cert path for hydra client | `""` | `/etc/ssl/certs/ca-certificates.crt` |
| **insecure-skip-verify** | no | Skip http client insecure verification | `false` | `true` or `false` |
| **namespace** | no | Namespace in which the controller should operate. Setting this will make the controller ignore other namespaces. | `""` | `"my-namespace"` |
| **leader-elector-namespace** | no | Leader elector namespace where controller should be set. | `""` | `"my-namespace"` |
### Environmental Variables
| Variable name | Default value | Example value |
| :---------------------- | ------------------- | --------------------- |
| `**CLIENT_ID_KEY**` | `**CLIENT_ID**` | `**MY_SECRET_NAME**` |
| `**CLIENT_SECRET_KEY**` | `**CLIENT_SECRET**` | `**MY_SECRET_VALUE**` |
## Development
### Testing
Use mockery to generate mock types that implement existing interfaces. To
generate a mock type for an interface, navigate to the directory containing that
interface and run this command:
```
mockery -name={INTERFACE_NAME}
```
Reference in New Issue View Git Blame Copy Permalink