Skip to content

Latest commit

 

History

History
106 lines (76 loc) · 3.86 KB

README.md

File metadata and controls

106 lines (76 loc) · 3.86 KB
Raw

rustcloak-operator

This is yet another operator for Keycloak. The novelty of this one is that it covers the whole Keycloak API and therefore allows to manage keycloak instances completely as Kubernetes resources.

Currently rustcloak does not support subgroups.

rustcloak supports a legacy mode where it can be used as a drop-in replacement for the keycloak-realm-operator.

TODO:

  • Support Subgroups
  • Send Kubernetes Events
  • Update state transitions in .status.conditions
  • Update phase in .status.phase
  • Add prometheus metrics

Endpoints

Table of implemented endpoints:

  • AuthenticationFlowRepresentation

    • /admin/realms/{realm}/authentication/flows/{id}

  • AuthenticatorConfigRepresentation

    • /admin/realms/{realm}/authentication/config/{id}

  • ClientRepresentation

    • /admin/realms/{realm}/clients/{client-uuid}

  • ClientScopeRepresentation

    • /admin/realms/{realm}/client-scopes/{client-scope-id}
    • /admin/realms/{realm}/client-templates/{client-scope-id}

  • ComponentRepresentation

    • /admin/realms/{realm}/components/{id}

  • GroupRepresentation

    • /admin/realms/{realm}/groups/{group-id}
    • /admin/realms/{realm}/groups/{group-id}/children

  • IdentityProviderMapperRepresentation

    • /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}

  • IdentityProviderRepresentation

    • /admin/realms/{realm}/identity-provider/instances/{alias}

  • OrganizationRepresentation

    • /admin/realms/{realm}/organizations/{id}

  • ProtocolMapperRepresentation

    • /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/models/{id}
    • /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models/{id}
    • /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/models/{id}

  • RealmRepresentation

    • /admin/realms/{realm}

  • RequiredActionProviderRepresentation

    • /admin/realms/{realm}/authentication/required-actions/{alias}

  • ResourceRepresentation

    • /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}

  • RoleRepresentation

    • /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}
    • /admin/realms/{realm}/roles/{role-name}

  • ScopeRepresentation

    • /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}

  • UserRepresentation

    • /admin/realms/{realm}/users/{user-id}

Comments on the License

The AGPL license can seem daunting at first, so here are some clarifications on how we interpret it in Rustcloak:

  • CRD Manifests: Custom Resource Definitions (CRD) manifests are configurations, not modifications of Rustcloak, and are therefore not considered derived work under the AGPL.

  • Using the Official Docker Image: If you use the official Rustcloak Docker image without changes, you only need to provide a link to the repository to those who directly interact with Rustcloak itself. This does not include the end-users of applications managed by Rustcloak, but may apply if you provide rustcloak as a service to others.

  • Using Rustcloak in Your Own Docker Image: If you include Rustcloak in a custom Docker image without modifying its code, the same rules apply as when using the official image.

  • Modifying Rustcloak’s Code: If you make any changes to the Rustcloak binary, AGPL requirements mean you may need to share the modified source code with users who interact with your modified instance. To simplify compliance, we encourage contributing these changes back to the upstream project.