t.behrendt/authentik-kubernetes-operator
1
0
Fork 0
Code Issues 3 Pull Requests 4 Actions Packages Activity

docs: update docs
CI / image check (pull_request) Successful in 58s
Details
CI / install-dependencies (pull_request) Successful in 1m27s
Details
CI / build check (pull_request) Successful in 25s
Details
CI / test (pull_request) Successful in 24s
Details
CI / check lint (pull_request) Successful in 3m11s
Details
CI / check format (pull_request) Successful in 6m23s
Details

Browse Source
This commit is contained in:
Timo Behrendt
2026-05-18 20:48:19 +02:00
parent 7311822b83
commit ac560e207b
3 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+40
View File
@@ -11,6 +11,8 @@ Manual changes to the resources in Authentik will be overwritten by the operator
| Custom Resource | CRD File | Short Name | | Custom Resource | CRD File | Short Name |
| --------------- | ---------------------------------------------------------- | ---------- | | --------------- | ---------------------------------------------------------- | ---------- |
| ProxyProvider | [`proxyProvider.yaml`](`artifacts/crd/proxyProvider.yaml`) | pp | | ProxyProvider | [`proxyProvider.yaml`](`artifacts/crd/proxyProvider.yaml`) | pp |
| Application | [`application.yaml`](`artifacts/crd/application.yaml`) | app |
| PolicyBinding | [`policyBinding.yaml`](`artifacts/crd/policyBinding.yaml`) | pb |
### ProxyProvider ### ProxyProvider
@@ -36,6 +38,44 @@ spec:
The ProxyProvider will be created in Authentik, but will not be assigned to an outpost or an application (Resources are TBD). The ProxyProvider will be created in Authentik, but will not be assigned to an outpost or an application (Resources are TBD).
### Application
The Application only supports a reduced set of fields.
Example [`application.yaml`](`artifacts/examples/application.yaml`):
```yaml
apiVersion: application.t000-n.de/v1alpha1
kind: Application
metadata:
name: application-example
spec:
name: Application Example
slug: application-example
# The ID of the provider, which can be retrieved from e.g. the ProxyPRovider via "kubectl get pp proxy-provider-example -o jsonpath='{.status.pk}'"
provider: 105
```
### PolicyBinding
The PolicyBinding is used to bind a policy to a target, e.g. allow a group or user to access an application.
The PolicyBinding only supports a reduced set of fields.
Example [`policyBinding.yaml`](`artifacts/examples/policyBinding.yaml`):
```yaml
apiVersion: policybinding.t000-n.de/v1alpha1
kind: PolicyBinding
metadata:
name: policy-binding-example
spec:
group: 14ab813f-a7f9-481b-9b08-781953ae9ebf
# The ID of the target, e.g. an Application, which can be retrieved from e.g. the Application via "kubectl get app application-example -o jsonpath='{.status.pk}'"
target: 8dd85627-9c48-49c2-8afc-d73dd122ffc2
# The order in which the policy is applied. This needs to be unique for each PolicyBinding.
order: 1
```
## Versioning ## Versioning
As soon as the operator covers an entire use case, the version will be raised to v1 and follow default versioning rules. Before that, the version will be v1alpha1. As soon as the operator covers an entire use case, the version will be raised to v1 and follow default versioning rules. Before that, the version will be v1alpha1.
artifacts/examples/application.yaml
+8
View File
@@ -0,0 +1,8 @@
apiVersion: application.t000-n.de/v1alpha1
kind: Application
metadata:
name: application-example
spec:
name: Application Example
slug: application-example
provider: 105
artifacts/examples/policyBinding.yaml
+8
View File
@@ -0,0 +1,8 @@
apiVersion: policybinding.t000-n.de/v1alpha1
kind: PolicyBinding
metadata:
name: policy-binding-example
spec:
group: 14ab813f-a7f9-481b-9b08-781953ae9ebf
target: 8dd85627-9c48-49c2-8afc-d73dd122ffc2
order: 1