Portal
Proto: portal.proto
Package: portal.gloo.solo.io
Types:
- CustomStyling
- PageSpec
- PortalSpec
- PortalSpec.EnvironmentSelector
- PortalSpec.GatewayConfig
- PortalSpec.GatewayConfig.LabelsEntry
- PortalSpec.Oauth2Auth
- PortalSpec.OidcAuth
- PortalSpec.PageExtension
- PortalSpec.PageExtensionsEntry
- PortalStatus
- PortalStatus.EnvironmentInfo
CustomStyling
Custom Styling options for a portal
Field | Type | Label | Description |
---|---|---|---|
primaryColor |
string | ||
secondaryColor |
string | ||
backgroundColor |
string | ||
navigationLinksColorOverride |
string | ||
buttonColorOverride |
string | ||
defaultTextColor |
string | ||
cssStylesheet |
common.portal.gloo.solo.io.DataSource | Custom CSS stylesheet that will be applied to the portal. Custom stylesheets take precedence over the other styling attributes in this object. |
PageSpec
Field | Type | Label | Description |
---|---|---|---|
name |
string | The name of the page. | |
description |
string | Description of the page. | |
path |
string | The path for this page relative to the portal base URL. | |
navigationLinkName |
string | The name of the link displayed on the portal navigation bar. | |
displayOnHomepage |
bool | Set to true if you want to display a tile that links to the static page on the portal home page. Only one of the static pages for a portal can set this flag to true. | |
content |
common.portal.gloo.solo.io.DataSource | Content for the page, markdown in the case of Static pages, url inline_string in the case of Dynamic |
PortalSpec
A Portal tells the Gloo Portal operator to fetch and serve static assets which are used by the Gloo Portal UI. Each portal can publish one or more APIProducts.
Field | Type | Label | Description |
---|---|---|---|
displayName |
string | Display name of the portal. | |
description |
string | Description for the portal. | |
domains |
[]string | repeated | The domains on which this Portal will be served. The Host header received by the Portal Web App will be matched to one of these domains in order to determine which Portal will be served. If you are using Gloo Edge and the Gateway through which you are exposing the Portal is listening on a port other than 80/443, you should include the port as part of the domain string, e.g. “portal.solo.io:8443”. To prevent undefined behavior, creating a Portal whose domain conflicts with an existing Portal or Environment will result in the Portal resource being placed into an ‘Invalid’ state. |
primaryLogo |
common.portal.gloo.solo.io.DataSource | Logo to display on the portal. SVG format not supported. | |
favicon |
common.portal.gloo.solo.io.DataSource | Browser favicon for the portal. SVG format not supported. | |
banner |
common.portal.gloo.solo.io.DataSource | The banner image for the portal. SVG format not supported. | |
customStyling |
portal.gloo.solo.io.CustomStyling | Custom Styling overrides. | |
staticPages |
[]portal.gloo.solo.io.PageSpec | repeated | Static markdown content pages for the Portal. |
dynamicPages |
[]portal.gloo.solo.io.PageSpec | repeated | Dynamic pages that should be included in the Portal. |
enableIngress |
google.protobuf.BoolValue | Generate an ingress route from this Portal's domains to the web application serving this portal. Defaults to true. | |
oidcAuth |
portal.gloo.solo.io.PortalSpec.OidcAuth | Set this field to allow users to authenticate with the Portal using an OIDC Identity Provider. | |
oauth2Auth |
portal.gloo.solo.io.PortalSpec.Oauth2Auth | Set this field to allow users to authenticate with the Portal using an OAuth2 Auth Provider. | |
tls |
gloo.solo.io.SslConfig | This field is required to correctly configure TLS on the VirtualService that is generated by Gloo Portal when enable_ingress is true and you are running in Gloo Edge mode. The field is ignored when running in Istio mode, as TLS is configured by the user on Gateway or VirtualGateway resources respectively. |
|
publishedEnvironments |
[]portal.gloo.solo.io.PortalSpec.EnvironmentSelector | repeated | Determines which Environments and APIProducts will be published in the Portal. The set of Environments and APIProducts a specific user sees upon login will be filtered by the permissions associated either with that User, or with the Groups that the user is a member of. If the Environments/APIProducts published in the Portal do not intersect with the ones accessible by the User, the user will see no APIProducts. |
allApisPublicViewable |
bool | Controls the behavior of the Portal for users who are not logged in. By default, the Portal requires login to see API Products. If true, all APIs are visible to all users (even those who aren't logged in). | |
portalUrlPrefix |
string | The prefix URL must match the URL used by users to reach the portal. This should be in the format (http | |
gatewayConfig |
portal.gloo.solo.io.PortalSpec.GatewayConfig | Customization options for generated gateway resources. | |
pageExtensions |
[]portal.gloo.solo.io.PortalSpec.PageExtensionsEntry | repeated | Optional elements that can be added to the <head> of pages in a portal. Often these will be <script> tags. |
routeOptions |
gloo.solo.io.RouteOptions | This field can be used to set arbitrary route options on the route of the generated VirtualService when running in Gloo Edge mode. A fully documented list of the available options can be found in the Gloo Edge documentation here. |
PortalSpec.EnvironmentSelector
Field | Type | Label | Description |
---|---|---|---|
name |
string | The name of the Environment to publish. | |
namespace |
string | The namespace of the Environment to publish. | |
apiProducts |
[]common.portal.gloo.solo.io.ObjectRef | repeated | Use this field to only publish a subset of the APIProducts included in the Environment. If empty, all APIProducts included in the Environment will be published in the Portal. |
PortalSpec.GatewayConfig
Field | Type | Label | Description |
---|---|---|---|
labels |
[]portal.gloo.solo.io.PortalSpec.GatewayConfig.LabelsEntry | repeated | Custom labels that will be added to the gateway resources that Gloo Portal generates for this Portal (VirtualServices for Gloo Edge). Any labels that use a reserved key name (e.g. portals.portal.gloo.solo.io/<portalNamespace>.<portalName> ) will be ignored. |
PortalSpec.GatewayConfig.LabelsEntry
Field | Type | Label | Description |
---|---|---|---|
key |
string | ||
value |
string |
PortalSpec.Oauth2Auth
Configuration parameters for authenticating to a Portal using the OAuth2 authorization code flow. Acts as an alternative to Gloo Portal's built-in User management.
Field | Type | Label | Description |
---|---|---|---|
authUrl |
string | URL for the OAuth2 provider's auth endpoint | |
tokenUrl |
string | URL for the OAuth2 provider's token endpoint | |
clientId |
string | The Client ID used to register with the OAuth2 provider. | |
clientSecret |
common.portal.gloo.solo.io.SecretRef | Reference to a Kubernetes secret containing the OAuth2 Client Secret to be used to register with the OAuth2 authentication server. The default key used to look up the secret will be "client_secret" if not specified in the secret ref. |
|
groupClaimKey |
string | The name of the header/claim in the OAuth2 AuthToken expected to contain the names of the Groups which are authorized to access this portal. Portal will check the auth_token for the group claim and reject the login attempt if not found The group field is expected to contain one or more group names as either a space-delimited string or an array of strings | |
usernameClaimKey |
string | The name of the header/claim in the OAuth2 AuthToken expected to contain the user's username If only an email claim is found, the email will be used as the username If neither username nor email is found, authentication will fail | |
emailClaimKey |
string | The name of the header/claim in the OAuth2 AuthToken expected to contain the user's email If only an email claim is found, the email will be used as the username If neither username nor email is found, authentication will fail | |
defaultGroups |
[]common.portal.gloo.solo.io.ObjectRef | repeated | The set of Group resources that that all OIDC authenticated users should be considered members of, in addition to the ones specified by the group membership information contained in the ID token. This feature can be used to guarantee a standard set of permissions in cases when the OIDC server cannot include group membership information in the ID tokens it returns to authenticated users. |
scopes |
[]string | repeated | Any scopes to be included in the request. |
caCerts |
common.portal.gloo.solo.io.SecretRef | The secret ref holding the root CA certificates to trust |
PortalSpec.OidcAuth
Configuration parameters for authenticating to a Portal using OIDC. Acts as an alternative to Gloo Portal's built-in User management.
Field | Type | Label | Description |
---|---|---|---|
issuer |
string | The issuer is the URL identifier for the service. For example: “https://accounts.google.com" | |
clientId |
string | The Client ID used to register with the OIDC provider. | |
clientSecret |
common.portal.gloo.solo.io.SecretRef | Reference to a Kubernetes secret containing the OIDC Client Secret to be used to register with the OIDC authentication server. The default key used to look up the secret will be "client_secret" if not specified in the secret ref. |
|
groupClaimKey |
string | The Key of the OIDC claim containing the names of the Groups which are authorized to access this portal. Portal will check the id_token for the group claim and, if none is found, check the provider's userinfo for the group claim. The userinfo is retrieved from the userinfo endpoint specified in the provider's OIDC config as described here: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig The group claim is expected to contain one or more group names as either a space-delimited string or an array of strings | |
defaultGroups |
[]common.portal.gloo.solo.io.ObjectRef | repeated | The set of Group resources that that all OIDC authenticated users should be considered members of, in addition to the ones specified by the group membership information contained in the ID token. This feature can be used to guarantee a standard set of permissions in cases when the OIDC server cannot include group membership information in the ID tokens it returns to authenticated users. |
additionalScopes |
[]string | repeated | Any additional scopes to be included in the request. By default, “openid”, “profile”, and “email” are included. As the name indicates, any scopes provided in this field will be included in addition to the defaults, rather than overwriting them. If one of the defaults is provided, it will only be included once. |
caCerts |
common.portal.gloo.solo.io.SecretRef | The secret ref holding the root CA certificates to trust |
PortalSpec.PageExtension
Field | Type | Label | Description |
---|---|---|---|
customHtml |
common.portal.gloo.solo.io.DataSource | The text contents of an element to be added to the <head> of all portal pages. Generally, this will be something like a <script> tag. The contents should be valid HTML. |
PortalSpec.PageExtensionsEntry
Field | Type | Label | Description |
---|---|---|---|
key |
string | ||
value |
portal.gloo.solo.io.PortalSpec.PageExtension |
PortalStatus
The current status of the Portal. The Portal will be processed as soon as it is created in the cluster.
Field | Type | Label | Description |
---|---|---|---|
observedGeneration |
int64 | The observed generation of the Portal. When this matches the Portal's metadata.generation, it indicates the status is up-to-date. | |
state |
common.portal.gloo.solo.io.State | The current state of the portal. | |
reason |
string | A human-readable string explaining the error, if any. | |
publishUrl |
string | The published URL at which the portal can be accessed | |
publishedEnvironments |
[]portal.gloo.solo.io.PortalStatus.EnvironmentInfo | repeated | The Environments and APIProducts that are currently considered to be part of this Portal. |
PortalStatus.EnvironmentInfo
Field | Type | Label | Description |
---|---|---|---|
name |
string | The name of the Environment. | |
namespace |
string | The namespace of the Environment. | |
apiProducts |
[]common.portal.gloo.solo.io.ObjectRef | repeated | Environment APIProducts that are published. |