🔨 Add AUTH_SAML_ROLES field to ConfigMap

2026-02-14 18:09:51 +00:00 · 2024-01-23 23:22:06 +03:00
parent a8dd332ff8
commit f9e0c36d5f
5 changed files with 108 additions and 3 deletions
--- a/config/configStruct.go
+++ b/config/configStruct.go
@@ -59,6 +59,19 @@ func CreateDefaultConfig() ConfigStruct {
 					"CHECKPOINT_RESTORE",
 				},
 			},
+			Auth: configStructs.AuthConfig{
+				Saml: configStructs.SamlConfig{
+					Roles: map[string]configStructs.Role{
+						"admin": {
+							Filter:                "",
+							CanReplayTraffic:      true,
+							CanDownloadPCAP:       true,
+							CanUseScripting:       true,
+							CanUpdateTargetedPods: true,
+						},
+					},
+				},
+			},
 		},
 	}
 }
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -82,10 +82,19 @@ type ResourcesConfig struct {
 	Tracer  ResourceRequirements `yaml:"tracer" json:"tracer"`
 }

+type Role struct {
+	Filter                string `yaml:"filter" json:"filter" default:""`
+	CanReplayTraffic      bool   `yaml:"canReplayTraffic" json:"canReplayTraffic" default:"false"`
+	CanDownloadPCAP       bool   `yaml:"canDownloadPCAP" json:"canDownloadPCAP" default:"false"`
+	CanUseScripting       bool   `yaml:"canUseScripting" json:"canUseScripting" default:"false"`
+	CanUpdateTargetedPods bool   `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
+}
+
 type SamlConfig struct {
-	IdpMetadataUrl string `yaml:"idpMetadataUrl" json:"idpMetadataUrl"`
-	X509crt        string `yaml:"x509crt" json:"x509crt"`
-	X509key        string `yaml:"x509key" json:"x509key"`
+	IdpMetadataUrl string          `yaml:"idpMetadataUrl" json:"idpMetadataUrl"`
+	X509crt        string          `yaml:"x509crt" json:"x509crt"`
+	X509key        string          `yaml:"x509key" json:"x509key"`
+	Roles          map[string]Role `yaml:"roles" json:"roles"`
 }

 type AuthConfig struct {