Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dex Authentication - OpenID Connect Provider #231

Merged
merged 15 commits into from
Jul 12, 2022
Merged

Dex Authentication - OpenID Connect Provider #231

merged 15 commits into from
Jul 12, 2022

Conversation

alfespa17
Copy link
Member

@alfespa17 alfespa17 commented Jul 8, 2022
edited
Loading

Dex Authentication

Removing native Azure Active Directory Authentication, the API now is using Dex a federated OpenID Connect Provider to handle authentication using different connectors, so now Terrakube can be used with different authentication providers supported by Dex.

The following property is used to set the Dex Uri.

org.terrakube.token.issuer-uri=${DexIssuerUri}

Implementing Personal Access Token

  • Implementing endpoint to create PAT:
POST {{server}}/pat/v1

{
    "days": 7,
    "description": "Sample Personal Access Token"
}
  • Lis created PAT
GET {{server}}/pat/v1
[
    {
        "createdDate": "2022-07-10T17:40:16.193+00:00",
        "createdBy": "XXXX",
        "updatedDate": "2022-07-10T17:40:16.193+00:00",
        "updatedBy": "XXXX",
        "id": "070c3d2d-7fc0-40c3-bf28-ae6f727b79d9",
        "days": 7,
        "description": "Sample Personal Access Token"
    },
    {
        "createdDate": "2022-07-10T17:40:18.155+00:00",
        "createdBy": "XXXX",
        "updatedDate": "2022-07-10T17:40:18.155+00:00",
        "updatedBy": "XXXX",
        "id": "68382f7e-c073-4694-8a14-029b590fab21",
        "days": 7,
        "description": "Sample Personal Access Token"
    }
]

This is implemented using JJWT, all tokens are signed with a secret provided when the application is starting

org.terrakube.token.pat=${PatSecret}
  • Terrakube Registry now support PAT inside the /.terraformrc file
{
  "credentials": {
    "terrakube.registry.domain": {
      "token": "PAT"
    }
  }
}

Implement Terrakube Internal Token.

Terrakube now use an internal JWT for component communication, the token is signed by a secret that is loaded in the application startup

org.terrakube.token.internal=${InternalSecret}

Updated Terraform Login Protocol

The terraform login protocol implemented in Terrakube Registry now supports Dex for the authentication

@alfespa17 alfespa17 mentioned this pull request Jul 11, 2022
Closed
@alfespa17 alfespa17 changed the title Dex authentication Dex - OpenID Connect Provider Jul 11, 2022
This was referenced Jul 11, 2022
Closed
Closed
@alfespa17 alfespa17 linked an issue Jul 11, 2022 that may be closed by this pull request
Implement DEX authentication #190
Closed
@alfespa17 alfespa17 changed the title Dex - OpenID Connect Provider Dex Authentication - OpenID Connect Provider Jul 11, 2022
@sonarcloud
Copy link

sonarcloud bot commented Jul 12, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 15 Code Smells

2.6% 2.6% Coverage
0.3% 0.3% Duplication

@alfespa17 alfespa17 self-assigned this Jul 12, 2022
@alfespa17 alfespa17 added documentation Improvements or additions to documentation enhancement New feature or request dependencies Pull requests that update a dependency file labels Jul 12, 2022
@alfespa17 alfespa17 added this to the 2.6.0 milestone Jul 12, 2022
@alfespa17 alfespa17 merged commit ecaa5ee into main Jul 12, 2022
@alfespa17 alfespa17 deleted the dex-authentication branch July 12, 2022 23:42
@alfespa17 alfespa17 mentioned this pull request Jul 13, 2022
Closed
@alfespa17 alfespa17 mentioned this pull request Aug 29, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@alfespa17 alfespa17

Labels
dependencies Pull requests that update a dependency file documentation Improvements or additions to documentation enhancement New feature or request
Projects
None yet
Milestone
2.6.0
Development

Successfully merging this pull request may close these issues.

Implement DEX authentication
1 participant
@alfespa17