feat(endpoint-exposer): OPA authorization, JWT, tests y pre-commit hook#17
Open
sebastiancorrea81 wants to merge 42 commits into
Open
feat(endpoint-exposer): OPA authorization, JWT, tests y pre-commit hook#17sebastiancorrea81 wants to merge 42 commits into
sebastiancorrea81 wants to merge 42 commits into
Conversation
feat: implement external dns and httproute feat: change logic to get specification id feat: add switch for different dns types feat: add switch for different dns types feat: add endpoint exposer service specs feat: add domain editable feat: add domain editable feat: implement new route schema feat: implement new route schema feat: implement new route schema feat: implement new route schema feat: implement new route schema feat: implement new route schema fix: get scope fix: get scope fix: path fix: get httproute if exists fix: get httproute if exists fix: get httproute rules feat: implement echo for link and unlink feat: implement echo for link and unlink feat: implement echo for link and unlink feat: implement echo for link and unlink feat: implement echo for link and unlink chore: change service slug feat: update flow feat: update flow feat: update flow feat: update flow feat: update flow feat: update flow feat: update flow feat: update flow feat: update flow feat: accept prefix and reg ex
Add git pre-commit hook that automatically runs BATS tests before each commit when endpoint-exposer files are modified. This ensures code quality and prevents breaking changes from being committed. - Create .githooks/pre-commit hook at repo root to run tests - Add scripts/setup-hooks.sh to configure git hooks path - Update test/README.md with hook setup instructions - Hook only runs tests when endpoint-exposer files are changed Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
feature: testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resumen
Branch más completo para endpoint-exposer. Incluye todo lo de
feat/endpoint-exposermás:Autorización con OPA (implementa lo que
authorization.enabledprometía pero no hacía)templates/istio/opa-authz.yaml— deploy completo de OPA enistio-system: ConfigMap con política Rego, Deployment (x2 réplicas), Service. La política valida JWT: issuer, expiración, claims requeridos, método HTTP. Inyectax-user-idyx-validated-byen requests válidos.templates/istio/policies.yaml— ejemplos deAuthorizationPolicy(Istio) usando OPA como proveedor CUSTOM.examples/jwt-working-solution.yaml—RequestAuthentication+AuthorizationPolicycon JWT de nullplatform para referencia.Testing
test_build_context.bats,test_build_httproute.bats,test_apply_cleanup.bats,test_integration.bats..githooks/pre-commit— hook que corre los tests automáticamente cuando se modifican archivos de endpoint-exposer.scripts/setup-hooks.sh— configura el path de git hooks.Otros
specs/notification-channel.json.tpl— nuevo.scripts/istio/config— actualizado conOPA_PROVIDER_NAME.templates/istio/httproute.yaml.tpl— template actualizado.Test plan
./test/run-tests.shy verificar que todos los tests BATS pasanopa-authz.yamlen un cluster de prueba y verificar que OPA levanta