Skip to content

feat: wire MCM to Ory IAM stack#804

Open
kirgene wants to merge 2 commits into
mainfrom
feat/iam-zanzibar
Open

feat: wire MCM to Ory IAM stack#804
kirgene wants to merge 2 commits into
mainfrom
feat/iam-zanzibar

Conversation

@kirgene

@kirgene kirgene commented May 20, 2026
edited
Loading

Copy link
Copy Markdown
Contributor
  • Oathkeeper rules route MCM requests with Keto-backed authorization
  • Keto loads OPL namespaces from /etc/keto-namespaces, populated by per-service OCI ImageVolumes
  • MCM API env wired with Hydra/Kratos/Keto admin URLs
  • global.iam.* shared values in umbrella chart

Companion MCM API PR (ships the OPL file in the Docker image): mojaloop/connection-manager-api#193

Closes #4398, #4404, #4399.

@kirgene kirgene force-pushed the feat/iam-zanzibar branch from 77a4c20 to bd3b1ce Compare May 20, 2026 03:25
@kirgene kirgene mentioned this pull request May 20, 2026
Merged
@kirgene kirgene marked this pull request as ready for review May 20, 2026 03:31
@kirgene kirgene force-pushed the feat/iam-zanzibar branch from bd3b1ce to 663645c Compare May 20, 2026 05:17
@kirgene kirgene linked an issue May 25, 2026 that may be closed by this pull request
Add Oathkeeper RBAC rules to connection-manager Helm chart mojaloop/project#4398
Closed
@kirgene
feat(iam): wire MCM to Ory IAM stack
f9a795c 
- Oathkeeper rules route MCM requests with Keto-backed authorization
- Keto loads OPL namespaces from /etc/keto-namespaces, populated by
  per-service OCI ImageVolumes
- MCM API env wired with Hydra/Kratos/Keto admin URLs
- global.iam.* shared values in umbrella chart

Closes #4398, #4404, #4399.
@kirgene kirgene force-pushed the feat/iam-zanzibar branch from 663645c to f9a795c Compare May 27, 2026 14:44
@sonarqubecloud

sonarqubecloud Bot commented Jun 7, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@kirgene kirgene mentioned this pull request Jun 15, 2026
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@elnyry-sam-k elnyry-sam-k Awaiting requested review from elnyry-sam-k elnyry-sam-k is a code owner

@vijayg10 vijayg10 Awaiting requested review from vijayg10 vijayg10 is a code owner

@kleyow kleyow Awaiting requested review from kleyow kleyow is a code owner

@bushjames bushjames Awaiting requested review from bushjames bushjames is a code owner

@oderayi oderayi Awaiting requested review from oderayi oderayi is a code owner

@shashi165 shashi165 Awaiting requested review from shashi165 shashi165 is a code owner

@gibaros gibaros Awaiting requested review from gibaros gibaros is a code owner

@kalinkrustev kalinkrustev Awaiting requested review from kalinkrustev kalinkrustev is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add Oathkeeper RBAC rules to connection-manager Helm chart

1 participant

@kirgene