Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add default-authorization-mode feature flag #7974

Closed
creydr opened this issue Jun 10, 2024 · 1 comment · Fixed by #7996
Closed

Add default-authorization-mode feature flag #7974

creydr opened this issue Jun 10, 2024 · 1 comment · Fixed by #7996
Assignees
@pierDipi
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. triage/accepted Issues which should be fixed (post-triage)

Comments

@creydr
Copy link
Member

creydr commented Jun 10, 2024

As the Eventing Authorization describes the feature track leverages a new config-features configuration called default-authorization-mode.

We should add:

  • the new flag in https://github.com/knative/eventing/blob/main/config/core/configmaps/features.yaml with value allow-all
  • the new flag name in https://github.com/knative/eventing/blob/main/pkg/apis/feature/flag_names.go
  • The additional possible flag values: [allow-all, deny-all, allow-same-namespace] in

    eventing/pkg/apis/feature/features.go

    Lines 30 to 47 in 844dcbf

    // Enabled turns on an optional behavior.
    Enabled Flag = "Enabled"
    // Disabled turns off an optional behavior.
    Disabled Flag = "Disabled"
    // Allowed neither explicitly disables or enables a behavior.
    // eg. allow a client to control behavior with an annotation or allow a new value through validation.
    Allowed Flag = "Allowed"
    // Strict is only applicable to the TransportEncryption feature.
    // The following applies:
    // - Addressables must not accept events to non-HTTPS endpoints
    // - Addressables must only advertise HTTPS endpoints
    Strict Flag = "Strict"
    // Permissive is only applicable to the TransportEncryption feature.
    // The following applies:
    // - Addressables should accept events at both HTTP and HTTPS endpoints
    // - Addressables should advertise both HTTP and HTTPS endpoints
    // - Producers should prefer to send events to HTTPS endpoints, if available
    Permissive Flag = "Permissive"

Additional hints for new contributors before starting with this issue:

  1. When the issue has the Draft status, the issue is subject to change and thus should not be started to be worked on
  2. Make sure you've read and understood the CONTRIBUTING.md guidelines
  3. Make sure you're able to run Knative Eventing locally and run at least the unit tests.
  4. When you feel comfortable with this issue, feel free to assign it to you (e.g. by commenting /assign) and ask any question you have. Please be aware that we might unassign you, if we don't see any progress from your side to give other contributors also a chance to work on this issue.
@creydr creydr added good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. labels Jun 10, 2024
This was referenced Jun 10, 2024
Closed
Closed
Closed
@pierDipi
Copy link
Member

/assign

@pierDipi pierDipi mentioned this issue Jun 12, 2024
Merged
5 tasks
@creydr creydr added the triage/accepted Issues which should be fixed (post-triage) label Jun 13, 2024
@creydr creydr mentioned this issue Aug 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pierDipi pierDipi

Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. triage/accepted Issues which should be fixed (post-triage)
Projects
Eventing Authorization
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add default-authorization-mode feature flag pierDipi/eventing
2 participants
@creydr @pierDipi