infra-gravitee-apim/apis/task-management-api.yaml

apiVersion: gravitee.io/v1alpha1
kind: ApiV4Definition
metadata:
  name: task-management-api
  namespace: gravitee-apim
spec:
  name: Task Management API
  description: Task Management microservice — CRUD tasks with PostgreSQL backend
  version: 1.0.0
  type: PROXY
  state: STARTED
  visibility: PUBLIC
  lifecycleState: PUBLISHED
  contextRef:
    name: gravitee-management-context
    namespace: gravitee-apim
  listeners:
  - type: HTTP
    hosts:
    - gateway.gravitee.sttlab.pc
    paths:
    - path: /tasks-management
    entrypoints:
    - type: http-proxy
  endpointGroups:
  - name: default
    type: http-proxy
    endpoints:
    - name: task-management
      type: http-proxy
      secondary: false
      inheritConfiguration: false
      configuration:
        target: "[[ configmap `task-management-config/backend-url` ]]"
      sharedConfigurationOverride:
        ssl:
          trustAll: false
          hostnameVerifier: true
          trustStore:
            type: PEM
            content: "[[ secret `task-management-tls/tls.crt` ]]"
    sharedConfiguration: {}
  plans:
    API_KEY_PLAN:
      name: API Key Plan
      description: Access secured by API Key
      security:
        type: API_KEY
      status: PUBLISHED
      flows: []
    JWT_PLAN_FREE:
      name: "Free"
      description: "JWT — 100 requests per day"
      security:
        type: JWT
        configuration:
          signature: RSA_RS256
          publicKeyResolver: JWKS_URL
          resolverParameter: "[[ configmap `task-management-config/keycloak-jwks-url` ]]"
          useSystemProxy: false
          extractClaims: true
          userClaim: sub
          clientIdClaim: azp
          checkRequiredClaims: true
          requiredClaims:
            - name: iss
              value: "[[ configmap `task-management-config/keycloak-issuer` ]]"
      status: PUBLISHED
      flows:
        - name: quota
          enabled: true
          request:
            - name: Quota
              policy: quota
              enabled: true
              configuration:
                addHeaders: true
                quota:
                  limit: 100
                  periodTime: 1
                  periodTimeUnit: DAYS
          response: []
    JWT_PLAN_STANDARD:
      name: "Standard"
      description: "JWT — 10 000 requests per day"
      security:
        type: JWT
        configuration:
          signature: RSA_RS256
          publicKeyResolver: JWKS_URL
          resolverParameter: "[[ configmap `task-management-config/keycloak-jwks-url` ]]"
          useSystemProxy: false
          extractClaims: true
          userClaim: sub
          clientIdClaim: azp
          checkRequiredClaims: true
          requiredClaims:
            - name: iss
              value: "[[ configmap `task-management-config/keycloak-issuer` ]]"
      status: PUBLISHED
      flows:
        - name: quota
          enabled: true
          request:
            - name: Quota
              policy: quota
              enabled: true
              configuration:
                addHeaders: true
                quota:
                  limit: 10000
                  periodTime: 1
                  periodTimeUnit: DAYS
          response: []
    JWT_PLAN_PREMIUM:
      name: "Premium"
      description: "JWT — unlimited"
      security:
        type: JWT
        configuration:
          signature: RSA_RS256
          publicKeyResolver: JWKS_URL
          resolverParameter: "[[ configmap `task-management-config/keycloak-jwks-url` ]]"
          useSystemProxy: false
          extractClaims: true
          userClaim: sub
          clientIdClaim: azp
          checkRequiredClaims: true
          requiredClaims:
            - name: iss
              value: "[[ configmap `task-management-config/keycloak-issuer` ]]"
      status: PUBLISHED
      flows: []
  analytics:
    enabled: true
    logging:
      mode:
        entrypoint: true
        endpoint: true
      phase:
        request: true
        response: true
      content:
        headers: true
        payload: true
        messageHeaders: false
        messagePayload: false
        messageMetadata: false
  flows:
  - name: traffic-management
    enabled: true
    request:
    - name: Rate Limit
      policy: rate-limit
      enabled: true
      configuration:
        addHeaders: true
        rate:
          limit: 100
          periodTime: 1
          periodTimeUnit: MINUTES
    response: []
  - name: request-transformation
    enabled: true
    request:
    - name: inject-application-name
      policy: transform-headers
      enabled: true
      configuration:
        addHeaders:
          - name: X-Application-Id
            value: "{#context.attributes['application']}"
    response: []
  - name: response-transformation
    enabled: true
    request: []
    response:
    - name: headers-cleaning
      policy: transform-headers
      enabled: true
      configuration:
        removeHeaders:
          - server
  pages:
    specifications:
      name: specifications
      type: FOLDER
      published: true
    swagger:
      name: OpenAPI Specification
      type: SWAGGER
      parent: specifications
      source:
        type: http-fetcher
        configuration:
          url: "[[ configmap `task-management-config/openapi-url` ]]"
          useSystemProxy: false
      published: true