t.behrendt/authentik-kubernetes-operator
1
0
Fork 0
Code Issues 3 Pull Requests 4 Actions 1 Packages Activity
9 Commits 7 Branches 10 Tags
4f6910c809111623eb75992f4a9038a34472022d
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
t.behrendt 4f6910c809 docs
2026-05-16 19:28:24 +02:00
.gitea/workflows
bootstrap
2026-05-11 19:03:07 +02:00
.vscode
mvp working creation of proxy provider
2026-05-15 11:09:20 +02:00
artifacts
docs
2026-05-16 19:28:24 +02:00
hack/api-violations
minimum runnable
2026-05-14 18:55:57 +02:00
pkg
mvp working creation of proxy provider
2026-05-15 11:09:20 +02:00
scripts
minimum runnable
2026-05-14 18:55:57 +02:00
.gitignore
chore: add delve debugging artifacts to gitignore
2026-05-15 19:01:18 +02:00
.gitmodules
minimum runnable
2026-05-14 18:55:57 +02:00
controller.go
refactor: switch to reconsiliation pattern
2026-05-15 19:00:47 +02:00
Dockerfile
bootstrap
2026-05-11 19:03:07 +02:00
go.mod
mvp working creation of proxy provider
2026-05-15 11:09:20 +02:00
go.sum
mvp working creation of proxy provider
2026-05-15 11:09:20 +02:00
LICENSE
Initial commit
2026-05-11 18:53:04 +02:00
main.go
remove unused deployment listener
2026-05-15 16:08:56 +02:00
Makefile
mvp working creation of proxy provider
2026-05-15 11:09:20 +02:00
README.md
docs
2026-05-16 19:28:24 +02:00
renovate.json
bootstrap
2026-05-11 19:03:07 +02:00

README.md

authentik-kubernetes-operator

Authentik Kubernetes Operator allows to manage Authentik resources directly in Kubernetes using Custom Kubernetes Resources.

The custom resources of this operator ultimately will mirror the Authentik resources. New resources will be added as there is a need for them.

Manual changes to the resources in Authentik will be overwritten by the operator. So always manage the resources in Kubernetes.

Custom Resources

Custom Resource CRD File Short Name
ProxyProvider proxyProvider.yaml pp

ProxyProvider

Currently only the "Forward Single" ProxyProvider is supported and only a reduced set of fields are exposed by the custom resources.

Example proxyProvider.yaml:

apiVersion: proxyprovider.t000-n.de/v1
kind: ProxyProvider
metadata:
  name: proxy-provider-example
  namespace: kube-system
spec:
  name: proxy-provider-example
  # The ID of the authorization flow. In this example: "default-provider-authorization-implicit-consent (Authorize Application)"
  authorization_flow: 16896c6d-b326-42d1-8d3f-93f32921962e
  # The ID of the invalidation flow. In this example: "default-provider-invalidation-flow (Logged out of application)"
  invalidation_flow: 7acac1ef-19e3-4a6f-8d8d-14ca7031d184
  # The external host of your application.
  external_host: https://example.t00n.de

The ProxyProvider will be created in Authentik, but will not be assigned to an outpost or an application (Resources are TBD).

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme MIT 1 MiB
Languages
Go 96.7%
Shell 2.1%
Makefile 0.7%
Dockerfile 0.5%