refactor: update crabidp references to barycenter and add Gateway API support

Replace all remaining references to "crabidp" with "barycenter" across: - Source code (error diagnostics, CLI name, comments) - Configuration files and defaults - Environment variable prefixes (CRABIDP__ → BARYCENTER__) - Documentation (CLAUDE.md, README.md, DEPLOYMENT.md) - Deployment configurations (Docker Compose, Helm, systemd, FreeBSD, illumos) - Database filenames (crabidp.db → barycenter.db) Add Kubernetes Gateway API support to Helm chart: - New HTTPRoute template for Gateway API - Configurable parentRefs, hostnames, filters, and weights - Support for advanced traffic management features - Gateway API as modern alternative to traditional Ingress - Documentation and examples in DEPLOYMENT.md Benefits of Gateway API: - More expressive and extensible routing - Role-oriented design with separation of concerns - Better vendor portability - Advanced traffic management capabilities The Helm chart now supports both traditional Ingress and Gateway API, allowing users to choose based on their cluster capabilities and requirements. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 13:10:42 +00:00 · 2025-11-29 15:38:07 +01:00 · 2025-11-29 15:38:07 +01:00 · 9b0481b258
commit 9b0481b258
parent c8b27bf196
14 changed files with 148 additions and 33 deletions
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@ -13,7 +13,15 @@
      "Bash(pkill:*)",
      "mcp__github__search_repositories",
      "mcp__github__get_me",
-      "mcp__github__search_users"
+      "mcp__github__search_users",
+      "Bash(git push:*)",
+      "Bash(mkdir:*)",
+      "Bash(git add:*)",
+      "Bash(gh run list:*)",
+      "Bash(gh run view:*)",
+      "Bash(cargo fmt:*)",
+      "Bash(cargo clippy:*)",
+      "Bash(rm:*)"
    ],
    "deny": [],
    "ask": []
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -64,7 +64,7 @@ cargo nextest run test_name
 The application loads configuration from:
 1. Default values (defined in `src/settings.rs`)
 2. Configuration file (default: `config.toml`)
-3. Environment variables with prefix `CRABIDP__` (e.g., `CRABIDP__SERVER__PORT=9090`)
+3. Environment variables with prefix `BARYCENTER__` (e.g., `BARYCENTER__SERVER__PORT=9090`)

 Environment variables use double underscores as separators for nested keys.

--- a/DEPLOYMENT.md
+++ b/DEPLOYMENT.md
@ -71,7 +71,7 @@ Edit `docker-compose.yml` to customize:
 ```yaml
 environment:
  - RUST_LOG=info
-  - CRABIDP__SERVER__PUBLIC_BASE_URL=https://idp.example.com
+  - BARYCENTER__SERVER__PUBLIC_BASE_URL=https://idp.example.com
 ```

 ---
@ -150,6 +150,53 @@ helm install barycenter ./deploy/helm/barycenter \
  --values my-values.yaml
 ```

+4. **Using Gateway API instead of Ingress:**
+
+The Helm chart supports Kubernetes Gateway API as a modern alternative to Ingress. Gateway API requires the Gateway API CRDs to be installed in your cluster.
+
+Create `gateway-values.yaml`:
+
+```yaml
+# Disable traditional Ingress
+ingress:
+  enabled: false
+
+# Enable Gateway API
+gatewayAPI:
+  enabled: true
+  parentRefs:
+    - name: my-gateway
+      namespace: gateway-system
+      sectionName: https  # Optional: target specific listener
+  hostnames:
+    - idp.example.com
+  annotations:
+    # Optional annotations for the HTTPRoute
+    example.com/custom: value
+
+config:
+  server:
+    publicBaseUrl: "https://idp.example.com"
+
+persistence:
+  enabled: true
+  size: 20Gi
+```
+
+Install with Gateway API:
+
+```bash
+helm install barycenter ./deploy/helm/barycenter \
+  --namespace barycenter \
+  --values gateway-values.yaml
+```
+
+**Benefits of Gateway API:**
+- More expressive and extensible than Ingress
+- Role-oriented design with clear separation of concerns
+- Better support for advanced traffic management
+- Vendor-neutral and portable across implementations
+
 ### Management

 **Upgrade:**
@ -297,15 +344,15 @@ sudo svcadm enable barycenter

 ### Environment Variables

-All configuration can be overridden using environment variables with the `CRABIDP__` prefix:
+All configuration can be overridden using environment variables with the `BARYCENTER__` prefix:

 ```bash
 # Override server settings
-export CRABIDP__SERVER__PORT=9090
-export CRABIDP__SERVER__PUBLIC_BASE_URL=https://idp.example.com
+export BARYCENTER__SERVER__PORT=9090
+export BARYCENTER__SERVER__PUBLIC_BASE_URL=https://idp.example.com

 # Override database
-export CRABIDP__DATABASE__URL=sqlite:///custom/path/db.sqlite
+export BARYCENTER__DATABASE__URL=sqlite:///custom/path/db.sqlite

 # Set logging
 export RUST_LOG=debug
@ -322,7 +369,7 @@ port = 8080
 public_base_url = "https://idp.example.com"  # Required in production

 [database]
-url = "sqlite://crabidp.db?mode=rwc"
+url = "sqlite://barycenter.db?mode=rwc"

 [keys]
 jwks_path = "data/jwks.json"
@ -399,7 +446,7 @@ chown barycenter:barycenter /var/lib/barycenter

 **Critical files to backup:**
 1. Private RSA key (`private_key.pem`)
-2. Database (`crabidp.db`)
+2. Database (`barycenter.db`)
 3. Configuration (`config.toml`)

 **Backup script example:**
@ -410,7 +457,7 @@ BACKUP_DIR=/backup/barycenter/$(date +%Y%m%d)
 mkdir -p $BACKUP_DIR

 # Backup database
-sqlite3 /var/lib/barycenter/crabidp.db ".backup '$BACKUP_DIR/crabidp.db'"
+sqlite3 /var/lib/barycenter/barycenter.db ".backup '$BACKUP_DIR/barycenter.db'"

 # Backup keys and config
 cp /var/lib/barycenter/data/private_key.pem $BACKUP_DIR/
--- a/README.md
+++ b/README.md
@ -53,7 +53,7 @@ port = 8080
 public_base_url = "http://localhost:8080"

 [database]
-connection_string = "sqlite://crabidp.db?mode=rwc"
+connection_string = "sqlite://barycenter.db?mode=rwc"

 [keys]
 jwks_path = "data/jwks.json"
--- a/config.toml
+++ b/config.toml
@ -5,7 +5,7 @@ port = 8080
 # public_base_url = "https://idp.example.com"

 [database]
-url = "sqlite://crabidp.db?mode=rwc"
+url = "sqlite://barycenter.db?mode=rwc"

 [keys]
 jwks_path = "data/jwks.json"
--- a/deploy/freebsd/README.md
+++ b/deploy/freebsd/README.md
@ -37,7 +37,7 @@ This directory contains rc.d script for running Barycenter on FreeBSD systems.
   Edit `/usr/local/etc/barycenter/config.toml` and update paths:
   ```toml
   [database]
-   url = "sqlite:///var/db/barycenter/crabidp.db?mode=rwc"
+   url = "sqlite:///var/db/barycenter/barycenter.db?mode=rwc"

   [keys]
   jwks_path = "/var/db/barycenter/data/jwks.json"
--- a/deploy/helm/barycenter/templates/httproute.yaml
+++ b/deploy/helm/barycenter/templates/httproute.yaml
@ -0,0 +1,36 @@
+{{- if .Values.gatewayAPI.enabled }}
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: {{ include "barycenter.fullname" . }}
+  labels:
+    {{- include "barycenter.labels" . | nindent 4 }}
+  {{- with .Values.gatewayAPI.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- with .Values.gatewayAPI.parentRefs }}
+  parentRefs:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.gatewayAPI.hostnames }}
+  hostnames:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  rules:
+  - matches:
+    - path:
+        type: PathPrefix
+        value: /
+    backendRefs:
+    - name: {{ include "barycenter.fullname" . }}
+      port: {{ .Values.service.port }}
+      {{- if .Values.gatewayAPI.backendWeight }}
+      weight: {{ .Values.gatewayAPI.backendWeight }}
+      {{- end }}
+    {{- with .Values.gatewayAPI.filters }}
+    filters:
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+{{- end }}
--- a/deploy/helm/barycenter/values.yaml
+++ b/deploy/helm/barycenter/values.yaml
@ -55,6 +55,30 @@ ingress:
  #    hosts:
  #      - idp.example.com

+# Kubernetes Gateway API support (alternative to Ingress)
+# Requires Gateway API CRDs to be installed in the cluster
+gatewayAPI:
+  enabled: false
+  annotations: {}
+  # Reference to the Gateway resource
+  parentRefs:
+    - name: gateway
+      namespace: gateway-system
+      # Optional: specify listener name
+      # sectionName: https
+  # Hostnames for the HTTPRoute
+  hostnames:
+    - idp.example.com
+  # Optional: backend weight for traffic splitting
+  # backendWeight: 100
+  # Optional: filters for request/response modification
+  filters: []
+  #  - type: RequestHeaderModifier
+  #    requestHeaderModifier:
+  #      add:
+  #        - name: X-Custom-Header
+  #          value: custom-value
+
 resources:
  limits:
    cpu: 1000m
@ -84,7 +108,7 @@ config:
    # publicBaseUrl: "https://idp.example.com"

  database:
-    url: "sqlite:///app/data/crabidp.db?mode=rwc"
+    url: "sqlite:///app/data/barycenter.db?mode=rwc"

  keys:
    jwksPath: "/app/data/jwks.json"
@ -99,7 +123,7 @@ env:
  - name: RUST_LOG
    value: "info"
  # Add additional environment variables here
-  # - name: CRABIDP__SERVER__PUBLIC_BASE_URL
+  # - name: BARYCENTER__SERVER__PUBLIC_BASE_URL
  #   value: "https://idp.example.com"

 # Persistence for database and keys
--- a/deploy/illumos/README.md
+++ b/deploy/illumos/README.md
@ -40,7 +40,7 @@ This directory contains SMF (Service Management Facility) manifest for running B
   Edit `/etc/barycenter/config.toml` and update paths:
   ```toml
   [database]
-   url = "sqlite:///var/barycenter/crabidp.db?mode=rwc"
+   url = "sqlite:///var/barycenter/barycenter.db?mode=rwc"

   [keys]
   jwks_path = "/var/barycenter/data/jwks.json"
@ -110,7 +110,7 @@ To set environment variables, edit the manifest and modify the `method_environme
 ```xml
 <method_environment>
    <envvar name='RUST_LOG' value='debug' />
-    <envvar name='CRABIDP__SERVER__PUBLIC_BASE_URL' value='https://idp.example.com' />
+    <envvar name='BARYCENTER__SERVER__PUBLIC_BASE_URL' value='https://idp.example.com' />
 </method_environment>
 ```

--- a/deploy/systemd/README.md
+++ b/deploy/systemd/README.md
@ -32,7 +32,7 @@ This directory contains systemd service files for running Barycenter on Linux sy
   Edit `/etc/barycenter/config.toml` and update paths:
   ```toml
   [database]
-   url = "sqlite:///var/lib/barycenter/crabidp.db?mode=rwc"
+   url = "sqlite:///var/lib/barycenter/barycenter.db?mode=rwc"

   [keys]
   jwks_path = "/var/lib/barycenter/data/jwks.json"
@ -89,6 +89,6 @@ You can override configuration using environment variables in the service file:

 ```ini
 [Service]
-Environment="CRABIDP__SERVER__PUBLIC_BASE_URL=https://idp.example.com"
+Environment="BARYCENTER__SERVER__PUBLIC_BASE_URL=https://idp.example.com"
 Environment="RUST_LOG=debug"
 ```
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -14,11 +14,11 @@ services:

    environment:
      # Override config via environment variables
-      # Use CRABIDP__ prefix with double underscores for nested keys
+      # Use BARYCENTER__ prefix with double underscores for nested keys
      - RUST_LOG=info
-      # Example: CRABIDP__SERVER__PORT=8080
-      # Example: CRABIDP__SERVER__PUBLIC_BASE_URL=https://idp.example.com
-      # Example: CRABIDP__DATABASE__URL=sqlite:///app/data/crabidp.db?mode=rwc
+      # Example: BARYCENTER__SERVER__PORT=8080
+      # Example: BARYCENTER__SERVER__PUBLIC_BASE_URL=https://idp.example.com
+      # Example: BARYCENTER__DATABASE__URL=sqlite:///app/data/barycenter.db?mode=rwc

    volumes:
      # Persist database and keys
--- a/src/errors.rs
+++ b/src/errors.rs
@ -4,31 +4,31 @@ use thiserror::Error;
 #[derive(Debug, Error, Diagnostic)]
 pub enum CrabError {
    #[error("I/O error: {0}")]
-    #[diagnostic(code(crabidp::io))]
+    #[diagnostic(code(barycenter::io))]
    Io(#[from] std::io::Error),

    #[error("Config error: {0}")]
-    #[diagnostic(code(crabidp::config))]
+    #[diagnostic(code(barycenter::config))]
    Config(#[from] config::ConfigError),

    #[error("Serialization error: {0}")]
-    #[diagnostic(code(crabidp::serde))]
+    #[diagnostic(code(barycenter::serde))]
    Serde(#[from] serde_json::Error),

    #[error("Database error: {0}")]
-    #[diagnostic(code(crabidp::db))]
+    #[diagnostic(code(barycenter::db))]
    Db(#[from] sea_orm::DbErr),

    #[error("JOSE error: {0}")]
-    #[diagnostic(code(crabidp::jose))]
+    #[diagnostic(code(barycenter::jose))]
    Jose(String),

    #[error("Bad request: {0}")]
-    #[diagnostic(code(crabidp::bad_request))]
+    #[diagnostic(code(barycenter::bad_request))]
    BadRequest(String),

    #[error("{0}")]
-    #[diagnostic(code(crabidp::other))]
+    #[diagnostic(code(barycenter::other))]
    Other(String),
 }

--- a/src/main.rs
+++ b/src/main.rs
@ -10,7 +10,7 @@ use miette::{IntoDiagnostic, Result};
 use tracing_subscriber::{fmt, EnvFilter};

 #[derive(Parser, Debug)]
-#[command(name = "crabidp", version, about = "OpenID Connect IdP (scaffold)")]
+#[command(name = "barycenter", version, about = "OpenID Connect Identity Provider")]
 struct Cli {
    /// Path to configuration file
    #[arg(short, long, default_value = "config.toml")]
--- a/src/settings.rs
+++ b/src/settings.rs
@ -20,7 +20,7 @@ pub struct Server {

 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct Database {
-    /// SeaORM/SQLx connection string, e.g., sqlite://crabidp.db?mode=rwc
+    /// SeaORM/SQLx connection string, e.g., sqlite://barycenter.db?mode=rwc
    pub url: String,
 }

@ -55,7 +55,7 @@ impl Default for Server {
 impl Default for Database {
    fn default() -> Self {
        Self {
-            url: "sqlite://crabidp.db?mode=rwc".to_string(),
+            url: "sqlite://barycenter.db?mode=rwc".to_string(),
        }
    }
 }