Kratos
- Identity Charmers
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/stable | 397 | 24 Apr 2024 | |
latest/edge | 497 | 15 Nov 2024 | |
0.4/edge | 495 | 07 Nov 2024 | |
0.3/edge | 419 | 05 Jul 2024 | |
0.2/stable | 406 | 26 Jun 2024 | |
0.2/edge | 406 | 02 May 2024 | |
0.1/edge | 383 | 29 Sep 2023 |
juju deploy kratos --channel edge
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
Kratos Charm Security
This document provides cryptographic documentation for the Kratos charm. Its purpose is to track the exposure of charm code to cryptographic attack vectors.
What is not included in this document and regarded as out of scope:
- Workload code (refer to the workloads’ cryptographic documentation).
- Data at rest encryption.
Sensitive Data Exchange
The charm relies on Juju secrets:
- To store Kratos admin password.
- To store Kratos cookie secret that is used to encrypt session cookies.
Github secrets are used during development, build, test and deploy phases:
- To get Charmcraft credentials that are used to interact with Charmhub.
- To get a Github token that is used to interact with Github API.
Cryptographic tech and packages in use
Kratos charm uses the following cryptography packages:
- Python secrets built-in library is used to generate Kratos cookie secret.
Kratos depends on ca-certificates dpkg package, which is based on Mozilla certificate bundle.