onecx-permission-bff
Default properties
src/main/resources/application.properties
quarkus.http.auth.permission.health.paths=/q/*
quarkus.http.auth.permission.health.policy=permit
quarkus.http.auth.permission.default.paths=/*
quarkus.http.auth.permission.default.policy=authenticated
onecx.permissions.application-id=${quarkus.application.name}
org.eclipse.microprofile.rest.client.propagateHeaders=apm-principal-token
%prod.quarkus.rest-client.onecx_permission_svc.url=http://onecx-permission-svc:8080
%prod.quarkus.rest-client.onecx_workspace_svc.url=http://onecx-workspace-svc:8080
%prod.quarkus.rest-client.onecx_product_store_svc.url=http://onecx-product-store-svc:8080
%prod.quarkus.rest-client.onecx_iam_svc.url=http://onecx-iam-svc:8080
quarkus.openapi-generator.codegen.input-base-dir=target/tmp/openapi
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.config-key=onecx_permission_svc
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.base-package=gen.org.tkit.onecx.permission.client
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.enable-security-generation=false
quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.config-key=onecx_permission_svc
quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.base-package=gen.org.tkit.onecx.permission.exim.client
quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.enable-security-generation=false
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.config-key=onecx_workspace_svc
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.base-package=gen.org.tkit.onecx.permission.client
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.enable-security-generation=false
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.config-key=onecx_product_store_svc
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.base-package=gen.org.tkit.onecx.product.store.client
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.enable-security-generation=false
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.config-key=onecx_iam_svc
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.base-package=gen.org.tkit.onecx.iam.client
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.model-name-suffix=IamV1
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.enable-security-generation=false
%prod.quarkus.rest-client.onecx_permission_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter
%prod.quarkus.rest-client.onecx_workspace_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter
%prod.quarkus.rest-client.onecx_product_store_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter
%prod.quarkus.rest-client.onecx_iam_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter
%prod.quarkus.oidc-client.client-id=${quarkus.application.name}Extensions
Extensions |
Documentation |
Configuration |
Version |
|---|---|---|---|
quarkus-rest |
3.27.1 |
||
quarkus-smallrye-openapi |
3.27.1 |
||
quarkus-rest-jackson |
3.27.1 |
||
quarkus-smallrye-health |
3.27.1 |
||
quarkus-openapi-generator |
2.13.0-lts |
||
quarkus-rest-client-jackson |
3.27.1 |
||
tkit-quarkus-log-cdi |
4.6.0 |
||
tkit-quarkus-log-rs |
4.6.0 |
||
tkit-quarkus-log-json |
4.6.0 |
||
tkit-quarkus-rest |
4.6.0 |
||
tkit-quarkus-rest-context |
4.6.0 |
||
tkit-quarkus-security |
4.6.0 |
||
quarkus-hibernate-validator |
3.27.1 |
||
onecx-permissions |
2.3.0 |
||
quarkus-oidc |
3.27.1 |
||
onecx-core |
2.3.0 |
||
quarkus-micrometer-registry-prometheus |
3.27.1 |
||
quarkus-opentelemetry |
3.27.1 |
||
quarkus-arc |
3.27.1 |
||
quarkus-container-image-docker |
3.27.1 |
||
quarkus-rest-client-oidc-filter |
3.27.1 |
| | | 3.20.2.1
|===th
| | | 2.40.0
=== Container === Helm Default values .src/main/helm/values.yaml [source,yaml] ---- app: name: bff image: repository: "onecx/onecx-permission-bff" operator: # Permission permission: enabled: true spec: permissions: permission: read: permission on all GET requests and POST search write: permission on PUT, POST, PATCH requests, where objects are saved or updated delete: permission on all DELETE requests role: read: permission on all GET requests and POST search write: permission on PUT, POST, PATCH requests, where objects are saved or updated delete: permission on all DELETE requests assignment: read: permission on all GET requests and POST search write: permission on PUT, POST, PATCH requests, where objects are saved or updated delete: permission on all DELETE requests application: read: permission on all GET requests and POST search write: permission on PUT, POST, PATCH requests, where objects are saved or updated delete: permission on all DELETE requests workspace: read: permission on all GET requests and POST search write: permission on PUT, POST, PATCH requests, where objects are saved or updated delete: permission on all DELETE requests keycloak: client: enabled: true spec: kcConfig: defaultClientScopes: [ ocx-pm:all, ocx-pm:read, ocx-pm:write, ocx-ws:read, ocx-ps:read, ocx-ia:read ] microservice: spec: description: OneCX Permission Backend For Frontend name: OneCX Permission BFF ---- description: OneCX Permission Backend For Frontend name: OneCX Permission BFF ---- - s=optional] :docker-registry: https://github.com/onecx/onecx-permission-bff/pkgs/container/onecx-permission-bff :helm-registry: https://github.com/onecx/onecx-permission-bff/pkgs/container/charts%2Fonecx-permission-bff :properties-file: src/main/resources/application.properties :helm-file: src/main/helm/values.yaml === Default properties .src/main/resources/application.properties [%collapsible%open] ==== [source,properties,subs=attributes+] ---- quarkus.http.auth.permission.health.paths=/q/* quarkus.http.auth.permission.health.policy=permit quarkus.http.auth.permission.default.paths=/* quarkus.http.auth.permission.default.policy=authenticated onecx.permissions.application-id=${quarkus.application.name} org.eclipse.microprofile.rest.client.propagateHeaders=apm-principal-token %prod.quarkus.rest-client.onecx_permission_svc.url=http://onecx-permission-svc:8080 %prod.quarkus.rest-client.onecx_workspace_svc.url=http://onecx-workspace-svc:8080 %prod.quarkus.rest-client.onecx_product_store_svc.url=http://onecx-product-store-svc:8080 %prod.quarkus.rest-client.onecx_iam_svc.url=http://onecx-iam-svc:8080 quarkus.openapi-generator.codegen.input-base-dir=target/tmp/openapi quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.config-key=onecx_permission_svc quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.base-package=gen.org.tkit.onecx.permission.client quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.return-response=true quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection; quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.enable-security-generation=false quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.config-key=onecx_permission_svc quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.base-package=gen.org.tkit.onecx.permission.exim.client quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.return-response=true quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection; quarkus.openapi-generator.codegen.spec.onecx_permission_exim_svc_yaml.enable-security-generation=false quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.config-key=onecx_workspace_svc quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.base-package=gen.org.tkit.onecx.permission.client quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.return-response=true quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection; quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.enable-security-generation=false quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.config-key=onecx_product_store_svc quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.base-package=gen.org.tkit.onecx.product.store.client quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.return-response=true quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection; quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.enable-security-generation=false quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.config-key=onecx_iam_svc quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.base-package=gen.org.tkit.onecx.iam.client quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.return-response=true quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.model-name-suffix=IamV1 quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection; quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.enable-security-generation=false %prod.quarkus.rest-client.onecx_permission_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter %prod.quarkus.rest-client.onecx_workspace_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter %prod.quarkus.rest-client.onecx_product_store_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter %prod.quarkus.rest-client.onecx_iam_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter %prod.quarkus.oidc-client.client-id=${quarkus.application.name} ---- ==== === Extensions :docker-registry: https://github.com/onecx/onecx-permission-bff/pkgs/container/onecx-permission-bff :helm-registry: https://github.com/onecx/onecx-permission-bff/pkgs/container/charts%2Fonecx-permission-bff :properties-file: src/main/resources/application.properties :helm-file: src/main/helm/values.yaml [.extension.table.searchable, cols="50,.15,.15,.^20"] |
h| Extensions h| Documentation h| Configuration h| Version
| quarkus-rest
| quarkus-smallrye-openapi
| quarkus-rest-jackson
| Link | | 3.27.1
| quarkus-smallrye-health
| quarkus-openapi-generator
| quarkus-rest-client-jackson
| Link | | 3.27.1
| tkit-quarkus-log-cdi
| tkit-quarkus-log-rs
| tkit-quarkus-log-json
| tkit-quarkus-rest
| tkit-quarkus-rest-context
| tkit-quarkus-security
| quarkus-hibernate-validator
| onecx-permissions
| quarkus-oidc
| onecx-core
| Link | | 2.3.0
| quarkus-micrometer-registry-prometheus
| quarkus-opentelemetry
| quarkus-arc
| quarkus-container-image-docker
| quarkus-rest-client-oidc-filter
| | | 3.27.1
3.20.2.1 |
===th |
2.40.0 |
Helm
Default values
app:
name: bff
image:
repository: "onecx/onecx-permission-bff"
operator:
# Permission
permission:
enabled: true
spec:
permissions:
permission:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
role:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
assignment:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
application:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
workspace:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
keycloak:
client:
enabled: true
spec:
kcConfig:
defaultClientScopes: [ ocx-pm:all, ocx-pm:read, ocx-pm:write, ocx-ws:read, ocx-ps:read, ocx-ia:read ]
microservice:
spec:
description: OneCX Permission Backend For Frontend
name: OneCX Permission BFFdescription: OneCX Permission Backend For Frontend
name: OneCX Permission BFF
-