Add USER_ENDPOINTS_ENABLED to helm chart values and documentation (#4876

) Signed-off-by: Thomas Quandt <[email protected]>
cloudfoundry · Apr 16, 2021 · 0f13b56 · 0f13b56
1 parent 9f0ed4d
commit 0f13b56
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 2 deletions.
diff --git a/deploy/kubernetes/console/README.md b/deploy/kubernetes/console/README.md
@@ -78,6 +78,7 @@ The following table lists the configurable parameters of the Stratos Helm chart
 |console.userInviteSubject|Email subject of the user invitation message||
 |console.techPreview|Enable/disable Tech Preview features|false|
 |console.apiKeysEnabled|Enable/disable API key-based access to Stratos API (disabled, admin_only, all_users)|admin_only|
+|console.userEndpointsEnabled|Enable/disable user endpoints or let only admins view and manage user endpoints (disabled, admin_only, enabled)|disabled|
 |console.ui.listMaxSize|Override the default maximum number of entities that a configured list can fetch. When a list meets this amount additional pages are not fetched||
 |console.ui.listAllowLoadMaxed|If the maximum list size is met give the user the option to fetch all results|false|
 |console.localAdminPassword|Use local admin user instead of UAA - set to a password to enable||

diff --git a/deploy/kubernetes/console/templates/deployment.yaml b/deploy/kubernetes/console/templates/deployment.yaml
@@ -288,6 +288,8 @@ spec:
           value: {{ default "false" .Values.console.techPreview | quote }}
         - name: API_KEYS_ENABLED
           value: {{ default "admin_only" .Values.console.apiKeysEnabled | quote }}
+        - name: USER_ENDPOINTS_ENABLED
+          value: {{ default "disabled" .Values.console.userEndpointsEnabled | quote }}
         - name: HELM_CACHE_FOLDER
           value: /helm-cache
         {{- if .Values.console.ui }}

diff --git a/deploy/kubernetes/console/values.schema.json b/deploy/kubernetes/console/values.schema.json
@@ -14,6 +14,11 @@
           "enum": ["disabled", "admin_only", "all_users"],
           "description": "Enable API keys for admins, all users or nobody"
         },
+        "userEndpointsEnabled": {
+          "type": "string",
+          "enum": ["disabled", "admin_only", "enabled"],
+          "description": "Enable, disable or let only admins view user endpoints"
+        },
         "autoRegisterCF": {
           "type": ["string", "null"]
         },

diff --git a/deploy/kubernetes/console/values.yaml b/deploy/kubernetes/console/values.yaml
@@ -70,6 +70,9 @@ console:
   # Enable/disable API key-based access to Stratos API
   apiKeysEnabled: admin_only
 
+  # Enable/disable user endpoints
+  userEndpointsEnabled: disabled
+
   ui:
     # Override the default maximum number of entities that a configured list can fetch. When a list meets this amount additional pages are not fetched 
     listMaxSize:

diff --git a/website/docs/deploy/kubernetes/install.md b/website/docs/deploy/kubernetes/install.md
@@ -79,6 +79,7 @@ The following table lists the configurable parameters of the Stratos Helm chart
 |console.templatesConfigMapName|Name of config map that provides the template files for user invitation emails||
 |console.userInviteSubject|Email subject of the user invitation message||
 |console.techPreview|Enable/disable Tech Preview features|false|
+|console.userEndpointsEnabled|Enable/disable user endpoints or let only admins view and manage user endpoints (disabled, admin_only, enabled)|disabled|
 |console.ui.listMaxSize|Override the default maximum number of entities that a configured list can fetch. When a list meets this amount additional pages are not fetched||
 |console.ui.listAllowLoadMaxed|If the maximum list size is met give the user the option to fetch all results|false|
 |console.localAdminPassword|Use local admin user instead of UAA - set to a password to enable||

diff --git a/website/docs/endpoints/cf/user-endpoints.md b/website/docs/endpoints/cf/user-endpoints.md
@@ -11,15 +11,15 @@ Stratos provides a way for users to create endpoints without the need to be an a
 
 In order to enable User Endpoints support in Stratos:
 
-1. The environment variable `USER_ENDPOINTS_ENABLED` must be set
+1. The environment variable `USER_ENDPOINTS_ENABLED` or helm chart value `console.userEndpointsEnabled` must be set
 2. The UAA client used by Stratos needs an additional scope `stratos.endpointadmin`
 3. Users need to have the `stratos.endpointadmin` group attached to them
 
 Once all steps have been completed, user within the `stratos.endpointadmin` group are allowed to create endpoints. Endpoints created by users are only visible to their respective user and all admins.
 
 ## Environment variable
 
-`USER_ENDPOINTS_ENABLED` can be set to three different states:
+`USER_ENDPOINTS_ENABLED` or helm chart value `console.userEndpointsEnabled` can be set to three different states:
 
 1. `disabled` (default) will disable this feature. Neither admins nor users will see user endpoints.
 2. `admin_only` will hide user endpoints from users. Admins can still see all endpoints created by users.