* add policies service
add policies proxy middleware
add policies event service
add policies grpc service
prepare ci and git environments (ci, make, readme, doc)
* add webfinger to the drone conf
* fix docs
remove not used virus scan postprocessing step
* relocate example rego file
implicitly enable and disable proxy and postprocessing policy checking by setting the query.
update configuration descriptions
* move policies
update readme
* use converter func to convert pp environment to actual environment
expose and test custom rego functions
add engine unit tests
add opa unit tests
update policies readme
Co-authored-by: Martin <github@diemattels.at>
* relocate sample policies to the deployments folder
change and document policies service port
* update index.md and small fix
* add health command
add version command
add debug server
---------
Co-authored-by: Martin <github@diemattels.at>
The auth-bearer service is currently not needed by ocis. Reva tookens
for oidc authenticated clients are currently minted via the auth-machine
service. This commit does not completely remove the service as we shoud
consider to rework the proxy's oidc middleware to use the auth-bearer
service in the future (see #4701)
Fixes: #4692
* use configured names as service names in ocis runtime
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* add changelog
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* correct service names for group and storage-shares
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* use correct service names in .drone.star
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* align ocis-pkg/config/config.go
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Setup idp to verify the LDAP server certificate. As this certificate
might be generated on startup, this also moved the IDP to the "delayed"
set of services. So it starts after "idm".
- The accounts and glauth service are turned off by default
- proxy is switch from "accounts" to "cs3" for the account backend
- The LDAP configuration (graph, idp, storage) of all services now
points to idm instead of glauth
* allow proxy to route to micro service
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* use go micre ocdav service instead of reva frontend
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* add missing gateway default config
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* update reva branch for testing
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* add changelog
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* add missing comands
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* bump reva version
Signed-off-by: jkoberg <jkoberg@owncloud.com>
* tidy
Signed-off-by: jkoberg <jkoberg@owncloud.com>
* bump reva again
Signed-off-by: jkoberg <jkoberg@owncloud.com>
* a blind mans config change
Signed-off-by: jkoberg <jkoberg@owncloud.com>
* add ocdav to must start extensions
Signed-off-by: jkoberg <jkoberg@owncloud.com>
* fail when neither backend nor service is set
Signed-off-by: jkoberg <jkoberg@owncloud.com>
Co-authored-by: jkoberg <jkoberg@owncloud.com>
