OpenFGA
- By Identity Charmers
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/stable | 27 | 11 Apr 2024 | |
| latest/edge | 29 | 02 May 2024 | |
| 2.0/stable | 26 | 11 Apr 2024 | |
| 2.0/edge | 26 | 11 Apr 2024 | |
| 1.0/edge | 12 | 17 Oct 2023 |
juju deploy openfga-k8s
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
charms.openfga_k8s.v1.openfga
-
- Last updated 31 Jan 2024
- Revision Library version 1.1
Interface Library for OpenFGA.
This library wraps relation endpoints using the openfga interface
and provides a Python API for requesting OpenFGA authorization model
stores to be created.
Getting Started
To get started using the library, you just need to fetch the library using charmcraft.
cd some-charm
charmcraft fetch-lib charms.openfga_k8s.v1.openfga
In the metadata.yaml of the charm, add the following:
requires:
openfga:
interface: openfga
Then, to initialise the library:
from charms.openfga_k8s.v1.openfga import (
OpenFGARequires,
OpenFGAStoreCreateEvent,
)
class SomeCharm(CharmBase):
def __init__(self, *args):
# ...
self.openfga = OpenFGARequires(self, "test-openfga-store")
self.framework.observe(
self.openfga.on.openfga_store_created,
self._on_openfga_store_created,
)
def _on_openfga_store_created(self, event: OpenFGAStoreCreateEvent):
if not event.store_id:
return
info = self.openfga.get_store_info()
if not info:
return
logger.info("store id {}".format(info.store_id))
logger.info("token {}".format(info.token))
logger.info("grpc_api_url {}".format(info.grpc_api_url))
logger.info("http_api_url {}".format(info.http_api_url))
The OpenFGA charm will attempt to use Juju secrets to pass the token to the requiring charm. However if the Juju version does not support secrets it will fall back to passing plaintext token via relation data.
Index
class OpenfgaError
Description
Base class for custom errors raised by this library. None
class DataValidationError
Description
Raised when data validation fails on relation data. None
class DatabagModel
Description
Base databag model. None
Methods
DatabagModel. Config
Description
Pydantic config. None
DatabagModel. load( cls , databag: MutableMapping )
Description
Load this model from a Juju databag. None
DatabagModel. dump( self , databag )
Description
Write the contents of this model to Juju databag. None
class OpenfgaRequirerAppData
Description
Openfga requirer application databag model. None
class OpenfgaProviderAppData
Description
Openfga requirer application databag model. None
Methods
OpenfgaProviderAppData. validate_token( cls , v: str , values: Dict )
Description
Validate token_secret_id arg. None
class OpenFGAStoreCreateEvent
Description
Event emitted when a new OpenFGA store is created. None
Methods
OpenFGAStoreCreateEvent. __init__( self , handle: Handle , store_id: str )
OpenFGAStoreCreateEvent. snapshot( self )
Description
Save event. None
OpenFGAStoreCreateEvent. restore( self , snapshot: Dict )
Description
Restore event. None
class OpenFGAStoreRemovedEvent
Description
Event emitted when a new OpenFGA store is removed. None
class OpenFGARequirerEvents
Description
Custom charm events. None
class OpenFGARequires
This class defines the functionality for the 'requires' side of the 'openfga' relation.
Description
Hook events observed: - relation-created - relation-changed - relation-departed
Methods
OpenFGARequires. __init__( self , charm: CharmBase , store_name: str , relation_name: str )
OpenFGARequires. get_store_info( self )
Description
Get the OpenFGA store and server info. None
class OpenFGAStoreRequestEvent
Description
Event emitted when a new OpenFGA store is requested. None
Methods
OpenFGAStoreRequestEvent. __init__( self , handle: Handle , relation: Relation , store_name: str )
OpenFGAStoreRequestEvent. snapshot( self )
Description
Save event. None
OpenFGAStoreRequestEvent. restore( self , snapshot: Dict )
Description
Restore event. None
class OpenFGAProviderEvents
Description
Custom charm events. None
class OpenFGAProvider
Description
Requirer side of the openfga relation. None
Methods
OpenFGAProvider. __init__( self , charm: CharmBase , relation_name: str , http_port , grpc_port , scheme )
OpenFGAProvider. update_relation_info( self , store_id: str , grpc_api_url , http_api_url , token , token_secret_id , relation_id )
Description
Update a relation databag. None
OpenFGAProvider. update_server_info( self , grpc_api_url , http_api_url )
Description
Update all the relations databags with the server info. None