Serve editor.ui.k8s.appscode.com read-only editor APIs #429

Closed
tamalsaha wants to merge 1 commit into master from editor-api
@tamalsaha

What

Serves a new read-only aggregated API group editor.ui.k8s.appscode.com/v1alpha1 from kube-ui-server:

  • EditorRender — renders an editor model/manifest/resources from a set of options (output = model|manifest|resources).
  • EditorTemplate — loads the editor model/manifest/resources for an existing installation.

Both wrap kubepack.dev/lib-app/pkg/editor (already vendored) and are registered in the aggregated apiserver next to the existing meta/cost groups.

Authorization (resources touched as the caller)

Each request is served by a controller-runtime client + lib-helm registry that impersonate the API caller (apirequest.UserFrom(ctx) + rest.ImpersonationConfig). Every read performed while rendering/loading is therefore authorized against the caller's own RBAC.

Deployment requirement: the kube-ui-server service account must hold impersonate on users/groups/userextras.

Scope

Read-only only. Apply (PUT /editor/) and delete (DELETE /editor/) remain in b3. The load path deliberately skips CreateAppReleaseIfMissing to stay read-only (matching meta.resourcemanifests).

Depends on

Design doc: docs/design/editor-api.md. Part 2 of a 3-repo change (resource-metadata → ui-server → b3).

Add registry storages for the new editor.ui.k8s.appscode.com/v1alpha1 group:

- EditorRender renders an editor model/manifest/resources from options.
- EditorTemplate loads them for an existing installation.

Both wrap kubepack.dev/lib-app/pkg/editor and serve each request with a client
that impersonates the API caller (apirequest.UserFrom + rest.ImpersonationConfig),
so every read performed while rendering or loading is authorized against the
caller's own RBAC. Wired into the aggregated apiserver alongside the existing
meta/cost groups.

Requires the kube-ui-server service account to hold impersonate on
users/groups/userextras.

Read-only only; apply/delete stay in b3. Bumps resource-metadata to pull in the
editor API types.

Signed-off-by: Tamal Saha <tamal@appscode.com>
@tamalsaha closed this Jun 26, 2026
@tamalsaha deleted the editor-api branch June 26, 2026 17:26
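
An added sketch of the per-request impersonation described under "Authorization", showing the caller identity being mapped onto impersonation settings and the request being refused when no caller is present; it is not code from this PR. `UserInfo` and `ImpersonationConfig` are local stand-ins for the apiserver user info and `rest.ImpersonationConfig` so the block runs with the standard library only, and `impersonationFor` and `ErrNoCaller` are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
)

// UserInfo is a stand-in for the caller identity returned by apirequest.UserFrom.
type UserInfo struct {
	Name   string
	Groups []string
	Extra  map[string][]string
}

// ImpersonationConfig is a stand-in for rest.ImpersonationConfig. Its three
// fields line up with the impersonate grants on users, groups and userextras.
type ImpersonationConfig struct {
	UserName string
	Groups   []string
	Extra    map[string][]string
}

var ErrNoCaller = errors.New("no authenticated caller in request context")

// impersonationFor fails closed: with no caller identity it returns an error,
// because an empty config would leave the client acting as the server's own
// service account instead of the caller.
func impersonationFor(u *UserInfo) (ImpersonationConfig, error) {
	if u == nil || u.Name == "" {
		return ImpersonationConfig{}, ErrNoCaller
	}
	cfg := ImpersonationConfig{
		UserName: u.Name,
		Groups:   append([]string(nil), u.Groups...), // copy, do not alias request data
		Extra:    make(map[string][]string, len(u.Extra)),
	}
	for k, v := range u.Extra {
		cfg.Extra[k] = append([]string(nil), v...)
	}
	return cfg, nil
}

func main() {
	// Constructed sample caller, not taken from the PR.
	caller := &UserInfo{Name: "jane@example.com", Groups: []string{"dev"},
		Extra: map[string][]string{"scopes": {"view"}}}
	cfg, err := impersonationFor(caller)
	fmt.Printf("%+v %v\n", cfg, err)
	_, err = impersonationFor(nil)
	fmt.Println(err)
}
```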