diff --git a/README.md b/README.md
index 847d8323..2d8c43ae 100644
--- a/README.md
+++ b/README.md
@@ -38,10 +38,10 @@ make deploy
```
-
### Installing via OLM
-To install the Operator using the [Operator Lifecycle Manager](https://olm.operatorframework.io/), you need to make the Operator CSVs available in the cluster by creating a `CatalogSource` resource.
+To install the Operator using the [Operator Lifecycle Manager](https://olm.operatorframework.io/), you need to make the
+Operator CSVs available in the cluster by creating a `CatalogSource` resource.
The bundle and catalog images of the Operator are available in Quay.io:
@@ -64,7 +64,8 @@ The bundle and catalog images of the Operator are available in Quay.io:
kubectl create namespace authorino-operator
```
-2. Create the [CatalogSource](https://olm.operatorframework.io/docs/concepts/crds/catalogsource) resource pointing to one of the images from in the Operator's catalog repo:
+2. Create the [CatalogSource](https://olm.operatorframework.io/docs/concepts/crds/catalogsource) resource pointing to
+ one of the images from in the Operator's catalog repo:
```sh
kubectl -n authorino-operator apply -f -<Use `ports` instead |
-| ports | [Ports](#ports) | Port numbers of the authorization server (gRPC and raw HTTPinterfaces). | Optional |
-| tls | [TLS](#tls) | TLS configuration of the authorization server (GRPC and HTTP interfaces). | Required |
-| timeout | Integer | Timeout of external authorization request (in milliseconds), controlled internally by the authorization server. | Default: `0` (disabled) |
+| Field | Type | Description | Required/Default |
+|---------|:---------------:|-----------------------------------------------------------------------------------------------------------------|------------------------------------------|
+| port | Integer | Port number of authorization server (gRPC interface). | _**DEPRECATED**_
Use `ports` instead |
+| ports | [Ports](#ports) | Port numbers of the authorization server (gRPC and raw HTTPinterfaces). | Optional |
+| tls | [TLS](#tls) | TLS configuration of the authorization server (GRPC and HTTP interfaces). | Required |
+| timeout | Integer | Timeout of external authorization request (in milliseconds), controlled internally by the authorization server. | Default: `0` (disabled) |
#### OIDCServer
-Configuration of the OIDC Discovery server for [Festival Wristband](https://github.com/Kuadrant/authorino/blob/main/docs/features.md#festival-wristband-tokens-responsewristband) tokens.
+Configuration of the OIDC Discovery server for [Festival Wristband](https://github.com/Kuadrant/authorino/blob/main/docs/features.md#festival-wristband-tokens-responsewristband)
+tokens.
-| Field | Type | Description | Required/Default |
-|-------|:-----------:|-------------|------------------|
-| port | Integer | Port number of OIDC Discovery server for Festival Wristband tokens. | Default: `8083` |
-| tls | [TLS](#tls) | TLS configuration of the OIDC Discovery server for Festival Wristband tokens | Required |
+| Field | Type | Description | Required/Default |
+|-------|:-----------:|------------------------------------------------------------------------------|------------------|
+| port | Integer | Port number of OIDC Discovery server for Festival Wristband tokens. | Default: `8083` |
+| tls | [TLS](#tls) | TLS configuration of the OIDC Discovery server for Festival Wristband tokens | Required |
#### TLS
TLS configuration of server. Appears in [`listener`](#listener) and [`oidcServer`](#oidcserver).
-| Field | Type | Description | Required/Default |
-|---------------|:-------:|-------------|------------------|
-| enabled | Boolean | Whether TLS is enabled or disabled for the server. | Default: `true` |
+| Field | Type | Description | Required/Default |
+|---------------|:-------------------------------------------------------------------------------------------------------------------------:|-----------------------------------------------------------------------------------------|-------------------------------|
+| enabled | Boolean | Whether TLS is enabled or disabled for the server. | Default: `true` |
| certSecretRef | [LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core) | The reference to the secret that contains the TLS certificates `tls.crt` and `tls.key`. | Required when `enabled: true` |
#### Ports
Port numbers of the authorization server.
-| Field | Type | Description | Required/Default |
-|-------|:-------:|-------------|------------------|
-| grpc | Integer | Port number of the gRPC interface of the authorization server. Set to 0 to disable this interface. | Default: `50001` |
-| http | Integer | Port number of the raw HTTP interface of the authorization server. Set to 0 to disable this interface. | Default: `5001` |
+| Field | Type | Description | Required/Default |
+|-------|:-------:|--------------------------------------------------------------------------------------------------------|------------------|
+| grpc | Integer | Port number of the gRPC interface of the authorization server. Set to 0 to disable this interface. | Default: `50001` |
+| http | Integer | Port number of the raw HTTP interface of the authorization server. Set to 0 to disable this interface. | Default: `5001` |
#### Tracing
Configuration of the OpenTelemetry tracing exporter.
-| Field | Type | Description | Required/Default |
-|----------|:------:|-------------|------------------|
-| endpoint | String | Full endpoint of the OpenTelemetry tracing collector service (e.g. http://jaeger:14268/api/traces). | Required |
-| tags | Map | Key-value map of fixed tags to add to all OpenTelemetry traces emitted by Authorino. | Optional |
+| Field | Type | Description | Required/Default |
+|----------|:------:|-----------------------------------------------------------------------------------------------------|------------------|
+| endpoint | String | Full endpoint of the OpenTelemetry tracing collector service (e.g. http://jaeger:14268/api/traces). | Required |
+| tags | Map | Key-value map of fixed tags to add to all OpenTelemetry traces emitted by Authorino. | Optional |
#### Metrics
Configuration of the metrics server.
-| Field | Type | Description | Required/Default |
-|-------|:-------:|-------------|------------------|
-| port | Integer | Port number of the metrics server. | Default: `8080` |
+| Field | Type | Description | Required/Default |
+|-------|:-------:|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------|
+| port | Integer | Port number of the metrics server. | Default: `8080` |
| deep | Boolean | Enable/disable metrics at the level of each evaluator config (if requested in the [`AuthConfig`](https://github.com/Kuadrant/authorino/blob/main/docs/user-guides/metrics.md)) exported by the metrics server. | Default: `false` |
#### Healthz
Configuration of the health/readiness probe (port).
-| Field | Type | Description | Required/Default |
-|-------|:-------:|-------------|------------------|
-| port | Integer | Port number of the health/readiness probe. | Default: `8081` |
-
+| Field | Type | Description | Required/Default |
+|-------|:-------:|--------------------------------------------|------------------|
+| port | Integer | Port number of the health/readiness probe. | Default: `8081` |
#### VolumesSpec
-Additional volumes to project in the Authorino pods. Useful for validation of TLS self-signed certificates of external services known to have to be contacted by Authorino at runtime.
+Additional volumes to project in the Authorino pods. Useful for validation of TLS self-signed certificates of external
+services known to have to be contacted by Authorino at runtime.
-| Field | Type | Description | Required/Default |
-|-------------|:---------------------------:|-------------|------------------|
-| items | [[]VolumeSpec](#volumespec) | List of additional volume items to project. | Optional |
-| defaultMode | Integer | Mode bits used to set permissions on the files. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. | Optional |
+| Field | Type | Description | Required/Default |
+|-------------|:---------------------------:|------------------------------------------------------------------------------------------------------------------------------------|------------------|
+| items | [[]VolumeSpec](#volumespec) | List of additional volume items to project. | Optional |
+| defaultMode | Integer | Mode bits used to set permissions on the files. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. | Optional |
#### VolumeSpec
-| Field | Type | Description | Required/Default |
-|------------|:--------:|-------------|------------------|
-| name | String | Name of the volume and volume mount within the Deployment. It must be unique in the CR. | Optional |
-| mountPath | String | Absolute path where to mount all the items. | Required |
-| configMaps | []String | List of of Kubernetes ConfigMap names to mount. | Required exactly one of: `confiMaps`, `secrets`. |
-| secrets | []String | List of of Kubernetes Secret names to mount. | Required exactly one of: `confiMaps`, `secrets`. |
-| items | [[]KeyToPath](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#keytopath-v1-core) | Mount details for selecting specific ConfigMap or Secret entries. | Optional |
+| Field | Type | Description | Required/Default |
+|------------|:-----------------------------------------------------------------------------------------------------:|-----------------------------------------------------------------------------------------|--------------------------------------------------|
+| name | String | Name of the volume and volume mount within the Deployment. It must be unique in the CR. | Optional |
+| mountPath | String | Absolute path where to mount all the items. | Required |
+| configMaps | []String | List of of Kubernetes ConfigMap names to mount. | Required exactly one of: `confiMaps`, `secrets`. |
+| secrets | []String | List of of Kubernetes Secret names to mount. | Required exactly one of: `confiMaps`, `secrets`. |
+| items | [[]KeyToPath](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#keytopath-v1-core) | Mount details for selecting specific ConfigMap or Secret entries. | Optional |
### Full example
@@ -260,12 +266,12 @@ spec:
volumes:
items:
- - name: keycloak-tls-cert
- mountPath: /etc/ssl/certs
- configMaps:
- - keycloak-tls-cert
- items: # details to mount the k8s configmap in the authorino pods
- - key: keycloak.crt
- path: keycloak.crt
+ - name: keycloak-tls-cert
+ mountPath: /etc/ssl/certs
+ configMaps:
+ - keycloak-tls-cert
+ items: # details to mount the k8s configmap in the authorino pods
+ - key: keycloak.crt
+ path: keycloak.crt
defaultMode: 420
```