Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support OIDC file token authentication #3382

Merged
merged 3 commits into from
Jun 24, 2024
Merged

Support OIDC file token authentication #3382

merged 3 commits into from
Jun 24, 2024

Conversation

thomas11
Copy link
Contributor

@thomas11 thomas11 commented Jun 24, 2024
edited
Loading

One typical way of authenticating via OIDC is that the identity provider supplies the OIDC token in a file. This provider already had support for this built in to the auth stack, but due to an oversight, validation wouldn't consider it and the provider would error before attempting to authenticate. This PR fixed this oversight and resolves #3373.

pulumi/registry#4790 updates the docs accordingly.

@thomas11 thomas11 requested review from a team and danielrbradley June 24, 2024 09:41
@github-actions GitHub Actions
Copy link

Does the PR have any schema changes?

Looking good! No breaking changes found.
No new resources/functions.

@thomas11 thomas11 mentioned this pull request Jun 24, 2024
Merged
@codecov Codecov
Copy link

codecov bot commented Jun 24, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 56.87%. Comparing base (78e0d82) to head (b13fc1a).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #3382      +/-   ##
==========================================
+ Coverage   56.82%   56.87%   +0.04%     
==========================================
  Files          66       66              
  Lines        8083     8092       +9     
==========================================
+ Hits         4593     4602       +9     
  Misses       3055     3055              
  Partials      435      435

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

danielrbradley
danielrbradley reviewed Jun 24, 2024
View reviewed changes
Copy link
Member

@danielrbradley danielrbradley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Core change looks okay, but I think we need to update the provider config in the schem, and update the docs too: https://www.pulumi.com/registry/packages/azure-native/installation-configuration/

provider/pkg/provider/auth.go Show resolved Hide resolved
@thomas11
Copy link
Contributor Author

Core change looks okay, but I think we need to update the provider config in the schem, and update the docs too: https://www.pulumi.com/registry/packages/azure-native/installation-configuration/

Registry PR is already open, see PR description

@thomas11 thomas11 enabled auto-merge (squash) June 24, 2024 10:35
@thomas11 thomas11 merged commit adbafd9 into master Jun 24, 2024
23 checks passed
@thomas11 thomas11 deleted the tkappler/oidc-file branch June 24, 2024 11:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danielrbradley danielrbradley danielrbradley approved these changes

Assignees

@thomas11 thomas11

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support using ARM_OIDC_TOKEN_FILE_PATH to Configure OIDC
2 participants
@thomas11 @danielrbradley