Add simple authconfig to local environment

Signed-off-by: Adam Cattermole <[email protected]>
Kuadrant · Aug 15, 2024 · 1cfaa6e · 1cfaa6e
1 parent 622a0df
commit 1cfaa6e
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 6 deletions.
diff --git a/make/auth.mk b/make/auth.mk
@@ -83,6 +83,7 @@ endif
 user-apps: ## Deploys talker API and envoy
 	kubectl -n $(NAMESPACE) apply -f https://raw.githubusercontent.com/kuadrant/authorino-examples/main/talker-api/talker-api-deploy.yaml
 	kubectl -n $(NAMESPACE) apply -f $(PROJECT_PATH)/utils/deploy/envoy-$(ENVOY_OVERLAY).yaml
+	kubectl -n $(NAMESPACE) apply -f $(PROJECT_PATH)/utils/deploy/authconfig.yaml
 
 
 ##@ Util

diff --git a/utils/deploy/authconfig.yaml b/utils/deploy/authconfig.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: authorino.kuadrant.io/v1beta2
+kind: AuthConfig
+metadata:
+  name: talker-api-protection
+spec:
+  hosts:
+    - talker-api.127.0.0.1.nip.io
+  authentication:
+    "friends":
+      apiKey:
+        selector:
+          matchLabels:
+            group: friends
+      credentials:
+        authorizationHeader:
+          prefix: APIKEY
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: api-key-1
+  labels:
+    authorino.kuadrant.io/managed-by: authorino
+    group: friends
+stringData:
+  api_key: "ndyBzreUzF4zqDQsqSPMHkRhriEOtcRx"
+type: Opaque
diff --git a/utils/deploy/envoy-notls.yaml b/utils/deploy/envoy-notls.yaml
@@ -141,16 +141,16 @@ data:
                                       "name": "rlp-ns-A/rlp-name-A",
                                       "domain": "rlp-ns-A/rlp-name-A",
                                       "service": "authorino_wasm",
-                                      "hostnames": ["*.a.com"],
+                                      "hostnames": ["talker-api.127.0.0.1.nip.io"],
                                       "rules": [
                                         {
                                           "conditions": [
                                             {
                                               "allOf": [
                                                 {
-                                                  "selector": "request.host",
+                                                  "selector": "request.path",
                                                   "operator": "eq",
-                                                  "value": "test.a.com"
+                                                  "value": "/hello"
                                                 }
                                               ]
                                             }

diff --git a/utils/deploy/envoy-tls.yaml b/utils/deploy/envoy-tls.yaml
@@ -150,16 +150,16 @@ data:
                                       "name": "rlp-ns-A/rlp-name-A",
                                       "domain": "rlp-ns-A/rlp-name-A",
                                       "service": "authorino_wasm",
-                                      "hostnames": ["*.a.com"],
+                                      "hostnames": ["talker-api.127.0.0.1.nip.io"],
                                       "rules": [
                                         {
                                           "conditions": [
                                             {
                                               "allOf": [
                                                 {
-                                                  "selector": "request.host",
+                                                  "selector": "request.path",
                                                   "operator": "eq",
-                                                  "value": "test.a.com"
+                                                  "value": "/hello"
                                                 }
                                               ]
                                             }