Skip to content

✨ Keycloak dependency removed. #562

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
jortel wants to merge 15 commits into
base: main
Choose a base branch
from
Open

✨ Keycloak dependency removed. #562

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
cf1056b
checkpoint
jortel May 18, 2026
3264c78
checkpoint
jortel May 18, 2026
1265eb5
checkpoint
jortel May 18, 2026
2281129
checkpoint
jortel May 23, 2026
ece19b7
checkpoint
jortel May 23, 2026
56aef68
checkpoint
jortel May 26, 2026
577e948
checkpoint
jortel May 26, 2026
a5eb5ec
updated seeded clients.
jortel May 26, 2026
3328626
updated AUTH.md
jortel May 26, 2026
a03a105
fixed rbac.
jortel May 26, 2026
1411c51
Tighten up CRDs
jortel May 26, 2026
b68e415
Fixes: IdentityProvider is created before hub_oidc_issuer is derived.
jortel May 26, 2026
94ab33b
Removed side-car oauth proxy support.
jortel May 26, 2026
6cf0d71
:sparkles: Route llm-proxy through hub /services/llm-proxy
fabianvf May 26, 2026
e16e7d8
Merge pull request #1 from fabianvf/llm-proxy-behind-hub
jortel May 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
646 changes: 646 additions & 0 deletions AUTH.md
View file
Open in desktop

Large diffs are not rendered by default.

18 changes: 13 additions & 5 deletions bundle/manifests/konveyor-operator.clusterserviceversion.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ metadata:
categories: Modernization & Migration
certified: "false"
containerImage: quay.io/konveyor/tackle2-operator:latest
createdAt: "2026-04-29T10:07:56Z"
createdAt: "2026-05-26T19:45:10Z"
description: Konveyor is an open-source application modernization platform that
helps organizations safely and predictably modernize applications to Kubernetes
at scale.
Expand Down Expand Up @@ -201,6 +201,15 @@ spec:
kind: Extension
name: extensions.tackle.konveyor.io
version: v1alpha1
- kind: IdentityProvider
name: identityproviders.tackle.konveyor.io
version: v1alpha1
- kind: IdpClient
name: idpclients.tackle.konveyor.io
version: v1alpha1
- kind: LdapProvider
name: ldapproviders.tackle.konveyor.io
version: v1alpha1
Comment thread
coderabbitai[bot] marked this conversation as resolved.
- kind: Schema
name: schemas.tackle.konveyor.io
version: v1alpha1
Expand Down Expand Up @@ -331,8 +340,6 @@ spec:
value: konveyor
- name: VERSION
value: 99.0.0
- name: RELATED_IMAGE_OAUTH_PROXY
value: quay.io/openshift/origin-oauth-proxy:latest
- name: RELATED_IMAGE_TACKLE_HUB
value: quay.io/konveyor/tackle2-hub:latest
- name: RELATED_IMAGE_TACKLE_POSTGRES
Expand Down Expand Up @@ -498,6 +505,9 @@ spec:
- tackles/finalizers
- addons
- extensions
- identityproviders
- idpclients
- ldapproviders
- tasks
- schemas
verbs:
Expand Down Expand Up @@ -538,8 +548,6 @@ spec:
name: Konveyor
url: https://www.konveyor.io
relatedImages:
- image: quay.io/openshift/origin-oauth-proxy:latest
name: oauth-proxy
- image: quay.io/konveyor/tackle2-hub:latest
name: tackle-hub
- image: quay.io/sclorg/postgresql-15-c9s:latest
Expand Down
202 changes: 202 additions & 0 deletions bundle/manifests/tackle.konveyor.io_identityproviders.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,202 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.0
creationTimestamp: null
name: identityproviders.tackle.konveyor.io
spec:
group: tackle.konveyor.io
names:
kind: IdentityProvider
listKind: IdentityProviderList
plural: identityproviders
shortNames:
- idp
singular: identityprovider
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: IdentityProvider defines external IDP federation settings.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: Spec defines the desired state of the resource.
properties:
clientId:
description: Client ID.
type: string
clientSecret:
description: Client secret reference (optional for public clients).
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
issuer:
description: Issuer URL.
type: string
name:
description: Provider name.
type: string
redirectURI:
description: Redirect URI.
type: string
scopes:
description: OAuth scopes (optional, provider injects defaults if
empty).
items:
type: string
type: array
tls:
description: TLS connection settings.
properties:
ca:
description: |-
CA is a PEM-encoded CA certificate for validating the server certificate.
Use when the server uses a certificate signed by an internal/private CA.
type: string
insecure:
description: |-
Insecure skips server certificate verification.
Use only for development/testing with self-signed certificates.
type: boolean
type: object
required:
- clientId
- issuer
- name
- redirectURI
type: object
Comment thread
coderabbitai[bot] marked this conversation as resolved.
status:
description: Status defines the observed state of the resource.
properties:
conditions:
description: Resource conditions.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
observedGeneration:
description: The most recent generation observed by the controller.
format: int64
type: integer
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null
Loading
Loading