Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for authenticating via GitHub OIDC #142

Merged
merged 1 commit into from
Jan 26, 2022
Merged

Support for authenticating via GitHub OIDC #142

merged 1 commit into from
Jan 26, 2022

Conversation

manicminer
Copy link
Owner

@manicminer manicminer commented Jan 24, 2022
edited
Loading

  • Add a new authorizer GitHubOIDCAuthorizer which supports OIDC token exchange for authenticating to Azure Active Directory

The GHA workflow that tests this runs on a hosted runner and is already committed to main, for testing this PR, and also includes a step that runs the azure/login action for validating that the same backend configuration is valid for the GitHubOIDCAuthorizer test. The azure/login action is not needed for this support to work, it's only being run for comparison.

Docs References:

@manicminer manicminer force-pushed the feature/github-oidc-authentication branch 7 times, most recently from 1528024 to 7f26c28 Compare January 24, 2022 15:48
simongottschlag
simongottschlag reviewed Jan 24, 2022
View reviewed changes
Copy link
Contributor

@simongottschlag simongottschlag left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the audience required by Azure is missing

auth/github.go Show resolved Hide resolved
auth/github.go Outdated Show resolved Hide resolved
@manicminer
Copy link
Owner Author

Thanks @simongottschlag! I was staring at this for too long and my brain could not do the diff :D

@manicminer manicminer force-pushed the feature/github-oidc-authentication branch 5 times, most recently from fb41912 to cb40790 Compare January 25, 2022 21:25
@manicminer manicminer force-pushed the feature/github-oidc-authentication branch 2 times, most recently from d54c681 to e746418 Compare January 25, 2022 21:36
@manicminer manicminer marked this pull request as ready for review January 25, 2022 21:36
@manicminer manicminer changed the title WIP github oidc auth Support for authenticating via GitHub OIDC Jan 25, 2022
@manicminer manicminer added enhancement New feature or request package/auth labels Jan 25, 2022
@manicminer manicminer added this to the v0.40.0 milestone Jan 25, 2022
@manicminer manicminer force-pushed the feature/github-oidc-authentication branch from e746418 to dc03205 Compare January 26, 2022 09:57
@manicminer manicminer force-pushed the feature/github-oidc-authentication branch from dc03205 to 5b4971b Compare January 26, 2022 09:58
jackofallops
jackofallops approved these changes Jan 26, 2022
View reviewed changes
Copy link
Collaborator

@jackofallops jackofallops left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

@manicminer manicminer merged commit d45e1ea into main Jan 26, 2022
@manicminer manicminer deleted the feature/github-oidc-authentication branch January 26, 2022 12:19
manicminer added a commit that referenced this pull request Jan 26, 2022
@manicminer
Changelog for #142
027e7fe
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simongottschlag simongottschlag simongottschlag left review comments

@jackofallops jackofallops jackofallops approved these changes

@tombuildsstuff tombuildsstuff Awaiting requested review from tombuildsstuff

Assignees
No one assigned
Labels
enhancement New feature or request package/auth
Projects
None yet
Milestone
v0.40.0
Development

Successfully merging this pull request may close these issues.
3 participants
@manicminer @jackofallops @simongottschlag