Merge pull request #7989 from kobergj/AuthenticationForNats

Authentication for nats

apis/grpc_apis/ocis/messages/eventhistory/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.eventhistory.v0"
 url: /apis/grpc_apis/ocis_messages_eventhistory_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/messages/policies/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.policies.v0"
 url: /apis/grpc_apis/ocis_messages_policies_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/messages/search/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.search.v0"
 url: /apis/grpc_apis/ocis_messages_search_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/messages/settings/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.settings.v0"
 url: /apis/grpc_apis/ocis_messages_settings_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/messages/store/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.store.v0"
 url: /apis/grpc_apis/ocis_messages_store_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/messages/thumbnails/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.thumbnails.v0"
 url: /apis/grpc_apis/ocis_messages_thumbnails_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/services/eventhistory/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.eventhistory.v0"
 url: /apis/grpc_apis/ocis_services_eventhistory_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/services/policies/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.policies.v0"
 url: /apis/grpc_apis/ocis_services_policies_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/services/search/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.search.v0"
 url: /apis/grpc_apis/ocis_services_search_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/services/settings/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.settings.v0"
 url: /apis/grpc_apis/ocis_services_settings_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/services/store/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.store.v0"
 url: /apis/grpc_apis/ocis_services_store_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

apis/grpc_apis/ocis/services/thumbnails/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.thumbnails.v0"
 url: /apis/grpc_apis/ocis_services_thumbnails_v0
-date: 2023-12-19T08:42:42Z
+date: 2023-12-19T10:25:18Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

helpers/extended_vars.yaml

@@ -34,7 +34,7 @@ variables:
   do_ignore: true
 - rawname: registryEnv
   path: ocis-pkg/registry/registry.go:46
-  foundincode: true
+  foundincode: false
   name: MICRO_REGISTRY
   type: string
   default_value: ""
@@ -44,7 +44,7 @@ variables:
   do_ignore: false
 - rawname: registryAddressEnv
   path: ocis-pkg/registry/registry.go:44
-  foundincode: true
+  foundincode: false
   name: MICRO_REGISTRY_ADDRESS
   type: string
   default_value: ""
@@ -80,3 +80,19 @@ variables:
   default_value: ""
   description: false positive - code that extract envvars for config structs
   do_ignore: true
+- rawname: registryAddressEnv
+  path: ocis-pkg/registry/registry.go:46
+  foundincode: true
+  name: registryAddressEnv
+  type: ""
+  default_value: ""
+  description: ""
+  do_ignore: false
+- rawname: registryEnv
+  path: ocis-pkg/registry/registry.go:48
+  foundincode: true
+  name: registryEnv
+  type: ""
+  default_value: ""
+  description: ""
+  do_ignore: false

services/_includes/adoc/antivirus_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the antivirus service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -201,6 +201,26 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.
 
+a|`OCIS_EVENTS_AUTH_USERNAME` +
+`ANTIVIRUS_EVENTS_AUTH_USERNAME` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.
+
+a|`OCIS_EVENTS_AUTH_PASSWORD` +
+`ANTIVIRUS_EVENTS_AUTH_PASSWORD` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.
+
 a|`ANTIVIRUS_SCANNER_TYPE` +
 
 a| [subs=-attributes]

services/_includes/adoc/app-provider_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the app-provider service
 [width="100%",cols="~,~,~,~",options="header"]

services/_includes/adoc/app-registry_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the app-registry service
 [width="100%",cols="~,~,~,~",options="header"]

services/_includes/adoc/audit_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the audit service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -192,6 +192,26 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services..
 
+a|`OCIS_EVENTS_AUTH_USERNAME` +
+`AUDIT_EVENTS_AUTH_USERNAME` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services..
+
+a|`OCIS_EVENTS_AUTH_PASSWORD` +
+`AUDIT_EVENTS_AUTH_PASSWORD` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services..
+
 a|`AUDIT_LOG_TO_CONSOLE` +
 
 a| [subs=-attributes]

services/_includes/adoc/auth-basic_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the auth-basic service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -263,7 +263,7 @@ LDAP DN to use for simple bind authentication with the target LDAP server.
 a|`OCIS_LDAP_BIND_PASSWORD` +
 `LDAP_BIND_PASSWORD` +
 `AUTH_BASIC_LDAP_BIND_PASSWORD` +
-xref:deprecation-note-2023-12-19-08-43-00[Deprecation Note]
+xref:deprecation-note-2023-12-19-10-25-37[Deprecation Note]
 a| [subs=-attributes]
 ++string ++
 a| [subs=-attributes]

services/_includes/adoc/auth-bearer_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the auth-bearer service
 [width="100%",cols="~,~,~,~",options="header"]

services/_includes/adoc/auth-machine_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the auth-machine service
 [width="100%",cols="~,~,~,~",options="header"]

services/_includes/adoc/auth-service_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the auth-service service
 [width="100%",cols="~,~,~,~",options="header"]

services/_includes/adoc/clientlog_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the clientlog service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -211,6 +211,26 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services..
 
+a|`OCIS_EVENTS_AUTH_USERNAME` +
+`CLIENTLOG_EVENTS_AUTH_USERNAME` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services..
+
+a|`OCIS_EVENTS_AUTH_PASSWORD` +
+`CLIENTLOG_EVENTS_AUTH_PASSWORD` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services..
+
 a|`OCIS_SERVICE_ACCOUNT_ID` +
 `CLIENTLOG_SERVICE_ACCOUNT_ID` +
 

services/_includes/adoc/eventhistory_configvars.adoc

@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-12-19-08-43-00]
+[#deprecation-note-2023-12-19-10-25-37]
 [caption=]
 .Deprecation notes for the eventhistory service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -201,6 +201,26 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services..
 
+a|`OCIS_EVENTS_AUTH_USERNAME` +
+`EVENTHISTORY_EVENTS_AUTH_USERNAME` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services..
+
+a|`OCIS_EVENTS_AUTH_PASSWORD` +
+`EVENTHISTORY_EVENTS_AUTH_PASSWORD` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services..
+
 a|`OCIS_PERSISTENT_STORE` +
 `EVENTHISTORY_STORE` +
 
@@ -258,5 +278,25 @@ a| [subs=-attributes]
 ++0 ++
 a| [subs=-attributes]
 The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived and used from the ocmem package though no explicit default was set.
+
+a|`OCIS_PERSISTENT_STORE_AUTH_USERNAME` +
+`EVENTHISTORY_STORE_AUTH_USERNAME` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.
+
+a|`OCIS_PERSISTENT_STORE_AUTH_PASSWORD` +
+`EVENTHISTORY_STORE_AUTH_PASSWORD` +
+
+a| [subs=-attributes]
+++string ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.
 |===
 

services/_includes/adoc/extended_configvars.adoc

@@ -52,4 +52,20 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 ++The default directory location for config files. Predefined to '/etc/ocis' for container images (inside the container) or '$HOME/.ocis/config' for binary releases. ++
 
+
+a| `registryAddressEnv` +
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+++ ++
+
+a| `registryEnv` +
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+++ ++
+a| [subs=-attributes]
+++ ++
 |===