first commit

apis/task-management-api.yaml

@@ -0,0 +1,198 @@
+apiVersion: gravitee.io/v1alpha1
+kind: ApiV4Definition
+metadata:
+  name: task-management-api
+  namespace: gravitee-apim
+spec:
+  name: Task Management API
+  description: Task Management microservice — CRUD tasks with PostgreSQL backend
+  version: 1.0.0
+  type: PROXY
+  state: STARTED
+  visibility: PUBLIC
+  lifecycleState: PUBLISHED
+  contextRef:
+    name: gravitee-management-context
+    namespace: gravitee-apim
+  listeners:
+  - type: HTTP
+    hosts:
+    - gateway.gravitee.sttlab.pc
+    paths:
+    - path: /tasks-management
+    entrypoints:
+    - type: http-proxy
+  endpointGroups:
+  - name: default
+    type: http-proxy
+    endpoints:
+    - name: task-management
+      type: http-proxy
+      secondary: false
+      inheritConfiguration: false
+      configuration:
+        target: "[[ configmap `task-management-config/backend-url` ]]"
+      sharedConfigurationOverride:
+        ssl:
+          trustAll: false
+          hostnameVerifier: true
+          trustStore:
+            type: PEM
+            content: "[[ secret `task-management-tls/tls.crt` ]]"
+    sharedConfiguration: {}
+  plans:
+    API_KEY_PLAN:
+      name: API Key Plan
+      description: Access secured by API Key
+      security:
+        type: API_KEY
+      status: PUBLISHED
+      flows: []
+    JWT_PLAN_FREE:
+      name: "Free"
+      description: "JWT — 100 requests per day"
+      security:
+        type: JWT
+        configuration:
+          signature: RSA_RS256
+          publicKeyResolver: JWKS_URL
+          resolverParameter: "[[ configmap `task-management-config/keycloak-jwks-url` ]]"
+          useSystemProxy: false
+          extractClaims: true
+          userClaim: sub
+          clientIdClaim: azp
+          checkRequiredClaims: true
+          requiredClaims:
+            - name: iss
+              value: "[[ configmap `task-management-config/keycloak-issuer` ]]"
+      status: PUBLISHED
+      flows:
+        - name: quota
+          enabled: true
+          request:
+            - name: Quota
+              policy: quota
+              enabled: true
+              configuration:
+                addHeaders: true
+                quota:
+                  limit: 100
+                  periodTime: 1
+                  periodTimeUnit: DAYS
+          response: []
+    JWT_PLAN_STANDARD:
+      name: "Standard"
+      description: "JWT — 10 000 requests per day"
+      security:
+        type: JWT
+        configuration:
+          signature: RSA_RS256
+          publicKeyResolver: JWKS_URL
+          resolverParameter: "[[ configmap `task-management-config/keycloak-jwks-url` ]]"
+          useSystemProxy: false
+          extractClaims: true
+          userClaim: sub
+          clientIdClaim: azp
+          checkRequiredClaims: true
+          requiredClaims:
+            - name: iss
+              value: "[[ configmap `task-management-config/keycloak-issuer` ]]"
+      status: PUBLISHED
+      flows:
+        - name: quota
+          enabled: true
+          request:
+            - name: Quota
+              policy: quota
+              enabled: true
+              configuration:
+                addHeaders: true
+                quota:
+                  limit: 10000
+                  periodTime: 1
+                  periodTimeUnit: DAYS
+          response: []
+    JWT_PLAN_PREMIUM:
+      name: "Premium"
+      description: "JWT — unlimited"
+      security:
+        type: JWT
+        configuration:
+          signature: RSA_RS256
+          publicKeyResolver: JWKS_URL
+          resolverParameter: "[[ configmap `task-management-config/keycloak-jwks-url` ]]"
+          useSystemProxy: false
+          extractClaims: true
+          userClaim: sub
+          clientIdClaim: azp
+          checkRequiredClaims: true
+          requiredClaims:
+            - name: iss
+              value: "[[ configmap `task-management-config/keycloak-issuer` ]]"
+      status: PUBLISHED
+      flows: []
+  analytics:
+    enabled: true
+    logging:
+      mode:
+        entrypoint: true
+        endpoint: true
+      phase:
+        request: true
+        response: true
+      content:
+        headers: true
+        payload: true
+        messageHeaders: false
+        messagePayload: false
+        messageMetadata: false
+  flows:
+  - name: traffic-management
+    enabled: true
+    request:
+    - name: Rate Limit
+      policy: rate-limit
+      enabled: true
+      configuration:
+        addHeaders: true
+        rate:
+          limit: 100
+          periodTime: 1
+          periodTimeUnit: MINUTES
+    response: []
+  - name: request-transformation
+    enabled: true
+    request:
+    - name: inject-application-name
+      policy: transform-headers
+      enabled: true
+      configuration:
+        addHeaders:
+          - name: X-Application-Id
+            value: "{#context.attributes['application']}"
+    response: []
+  - name: response-transformation
+    enabled: true
+    request: []
+    response:
+    - name: headers-cleaning
+      policy: transform-headers
+      enabled: true
+      configuration:
+        removeHeaders:
+          - server
+  pages:
+    specifications:
+      name: specifications
+      type: FOLDER
+      published: true
+    swagger:
+      name: OpenAPI Specification
+      type: SWAGGER
+      parent: specifications
+      source:
+        type: http-fetcher
+        configuration:
+          url: "[[ configmap `task-management-config/openapi-url` ]]"
+          useSystemProxy: false
+      published: true