-
Notifications
You must be signed in to change notification settings - Fork 769
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ft(rbac): Cyclops login page for authentication & Integration of Cerbos for Authorization #361
base: main
Are you sure you want to change the base?
Conversation
This looks awesome. Is there a reason you separated this PR from the other? |
I believe, I should close the other PR because I require rbac changes for the UI changes, and I also need to work on the latest branch instead of the rbac branch due to updates in the controller. |
Got it. Could you then close the other PR? Is this one ready for review |
You can review this i'll close that one, and update the Additional Context for this |
Thanks, will do! |
Also before merging the changes, we need to have Further required enhancement part too, and a way to generate admin user |
Hey @siddhantprateek, I started reviewing the PR, but could you separate it into smaller PRs? It's going to be easier to review it and discuss the solution. Especially if we still have some parts of the solution we need to discuss |
ba8e098
to
0f086be
Compare
@siddhantprateek can we put the logout button in the top right on the navbar? Also, we could add the username and role currently used |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@siddhantprateek I noticed that I have to relogin on page refresh. Can we fix that also?
func NewUserConfig() (*UserConfig, error) { | ||
config := ctrl.GetConfigOrDie() | ||
clientset, err := kubernetes.NewForConfig(config) | ||
if err != nil { | ||
return nil, err | ||
} | ||
return &UserConfig{clientset: clientset}, nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer to have a struct UserDB
that would be initialized when the service starts and then create the clientset instead of constructing it each time we load a user config. You can also offload that to the K8s client since it already has a k8s clientset that can be queried for user secrets.
closes #48
Preview
cyclops-login.mp4
📑 Description
✅ Checks
ℹ Additional context
username
andpassword
based login:currently the way of creating a user is
the query will be based on the labels
app.kubernetes.io/name: siddhant
same as theusername
Further required enhancement