* chore: Remove misleading helm labels
The downloaded yaml for relay clients contains misleading labelling
and annotations, remove them
Signed-off-by: Alan Clucas <alan@clucas.org>
* fix: Set managed-by: paralus for all objects
Signed-off-by: Alan Clucas <alan@clucas.org>
* chore: go generate
Signed-off-by: Alan Clucas <alan@clucas.org>
---------
Signed-off-by: Alan Clucas <alan@clucas.org>
Allow mapping more than one IdP groups to an OIdC identity. This
commit upgrades the kratos version (v0.11.0). Kratos v0.11.0 parses
all id token claims into `raw_claims`. The `raw_claims` can be used in
JsonNet mapper to map non-standard claims like `groups` to identity
traits.
Fixes#109
This also includes:
* Remove verbose bug debug logs
* Removes elasticsearch service from docker compose file
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
multiple bootstrap requests and separated the fingerprint mismatch error which binds a target cluster with bootstrap yaml
Signed-off-by: niravparikh05 <nir.parikh05@gmail.com>
Server was ignoring cluster description of a request. This commit is
persisting cluster description to db.
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* Upgrade kratos service to v0.10.1
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* Upgrade kratos-client-go to v0.10.1
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* generate password feature for kratos admin creation
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* Add forceReset property in user spec
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* added forcereset in the init script
Signed-off-by: mabhi <abhijit.mukherjee@infracloud.io>
* Resolve conflicts
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* Stdout default admin password in initialize script
Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
* setting password for new user and sending default password in create user response
Signed-off-by: mabhi <abhijit.mukherjee@infracloud.io>
* added new endpoint to service force reset flag update after resetting complete outside authz
Signed-off-by: mabhi <abhijit.mukherjee@infracloud.io>
* removed unnecessary overhead in the forcereset endpoint and updated user type proto to remove unused fields
Signed-off-by: mabhi <abhijit.mukherjee@infracloud.io>
The following could be used as an optimisation when we are filtering
just by user, but decided to omit as of now.
```
usrs, err = dao.ListFilteredUsersWithGroup(ctx, s.db,
[]uuid.UUID{}, groupId, queryOptions.Q, queryOptions.Type,
queryOptions.OrderBy, queryOptions.Order,
int(queryOptions.Limit), int(queryOptions.Offset))
```
- Returns client secret on GET request, so that when UI made
modification to OIdC provider, it should be able to send back the
client secret to PUT request.
- Fix issuer url validation when udpate.
When we soft delete oidc provider entry which we are doing for delete
provider API endpoint, we cannot create new oidc provider entry with a
same name due to unique constraint violation on name. Applying unique
constraint to name,trash will allow to create new oidc provider entry
with a same name, but fail on deleting that entry because it violates
unique constraint. Hence this commit adds unique constraint
to (id,name) combined.
