fixup: KeySelectors description

Signed-off-by: KevFan <[email protected]>
Kuadrant · Feb 5, 2025 · ec6d50f · ec6d50f
1 parent a5a73a3
commit ec6d50f
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/api/v1beta3/auth_config_types.go b/api/v1beta3/auth_config_types.go
@@ -357,8 +357,8 @@ type ApiKeyAuthenticationSpec struct {
 	AllNamespaces bool `json:"allNamespaces,omitempty"`
 
 	// List of keys within the selected Kubernetes secret that contain valid API credentials.
-	// Authorino will attempt to authenticate using the first key that matches.
-	// If no match is found, authentication will fail.
+	// Authorino will attempt to authenticate using any matching key, including "api-key".
+	// If no match is found, the Kubernetes secret is not considered a valid Authorino API Key secret and is ignored.
 	// +optional
 	KeySelectors []string `json:"keySelectors,omitempty"`
 }

diff --git a/install/crd/authorino.kuadrant.io_authconfigs.yaml b/install/crd/authorino.kuadrant.io_authconfigs.yaml
@@ -2396,8 +2396,8 @@ spec:
                         keySelectors:
                           description: |-
                             List of keys within the selected Kubernetes secret that contain valid API credentials.
-                            Authorino will attempt to authenticate using the first key that matches.
-                            If no match is found, authentication will fail.
+                            Authorino will attempt to authenticate using any matching key, including "api-key".
+                            If no match is found, the Kubernetes secret is not considered a valid Authorino API Key secret and is ignored.
                           items:
                             type: string
                           type: array

diff --git a/install/manifests.yaml b/install/manifests.yaml
@@ -2663,8 +2663,8 @@ spec:
                         keySelectors:
                           description: |-
                             List of keys within the selected Kubernetes secret that contain valid API credentials.
-                            Authorino will attempt to authenticate using the first key that matches.
-                            If no match is found, authentication will fail.
+                            Authorino will attempt to authenticate using any matching key, including "api-key".
+                            If no match is found, the Kubernetes secret is not considered a valid Authorino API Key secret and is ignored.
                           items:
                             type: string
                           type: array