The kagent UI/dashboard is exposed without authentication. We should have a story for securing access to it.
Discussion: https://discord.com/channels/1346225185166065826/1346225185841221644/1516428842057601165
Two things that came up:
- A
HTTPRoute + NetworkPolicy to gate/restrict access.
- The OpenShift Route (openshift-route.yaml) renders whenever the
route.openshift.io/v1 API is present — there's no value to toggle it off and no auth in front of it, so on OpenShift it's effectively always exposed.
The kagent UI/dashboard is exposed without authentication. We should have a story for securing access to it.
Discussion: https://discord.com/channels/1346225185166065826/1346225185841221644/1516428842057601165
Two things that came up:
HTTPRoute+NetworkPolicyto gate/restrict access.route.openshift.io/v1API is present — there's no value to toggle it off and no auth in front of it, so on OpenShift it's effectively always exposed.