Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add third-party login #10

Merged
merged 55 commits into from
Dec 29, 2023
Merged

Add third-party login #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
55 commits
Select commit Hold shift + click to select a range
152ad59
Merge pull request #8 from Clem-Fern/dev
Clem-Fern Dec 7, 2023
35590a4
fix ci actions
Clem-Fern Dec 7, 2023
9a51027
fix ci actions
Clem-Fern Dec 7, 2023
4de0f25
docker: fix docker compose network
Clem-Fern Dec 7, 2023
bfe39c0
docs: v0.3.0
Clem-Fern Dec 7, 2023
b447d37
docs: fix bfe39c0df0b86092433f7f5f1501777196364c74 url
Clem-Fern Dec 7, 2023
dacf920
build(deps): bump zerocopy from 0.7.29 to 0.7.31
dependabot[bot] Dec 15, 2023
35b2d57
Merge pull request #11 from Clem-Fern/dependabot/cargo/zerocopy-0.7.31
Clem-Fern Dec 16, 2023
557a50b
build(deps): bump unsafe-libyaml from 0.2.9 to 0.2.10
dependabot[bot] Dec 21, 2023
cc292b3
Merge pull request #12 from Clem-Fern/dependabot/cargo/unsafe-libyaml…
Clem-Fern Dec 21, 2023
c81c691
Add GitHub login
EkkoG Dec 22, 2023
82a1fc5
Add login success page
EkkoG Dec 23, 2023
dc40db8
Rename page title to Tabby Config Sync
EkkoG Dec 23, 2023
9a1d69c
Remove login success page, keep only login page to simplify the login…
EkkoG Dec 23, 2023
9792da5
Add GitHub state param for security
EkkoG Dec 23, 2023
a8de388
Add state cookie valid time limit
EkkoG Dec 23, 2023
16fd207
Make the pages look better
EkkoG Dec 25, 2023
79ecb41
Add home page, redirect to login page, add missing files for Docker
EkkoG Dec 25, 2023
6a97cac
Clippy code
EkkoG Dec 25, 2023
a49ad59
Fixed docker build fail
EkkoG Dec 25, 2023
e08c694
Add missing file for docker images
EkkoG Dec 25, 2023
1dc0a3b
Remove useless log
EkkoG Dec 25, 2023
cb61133
Support config static files base dir
EkkoG Dec 25, 2023
22b3a17
Add favicon
EkkoG Dec 25, 2023
e3e55cd
Support config server scheme
EkkoG Dec 25, 2023
a11e7b2
Fixed typo
EkkoG Dec 25, 2023
a579749
Remove openssl deps, fixed crash when request GitHub access token
EkkoG Dec 25, 2023
655b048
Check db users when bearer auth
EkkoG Dec 26, 2023
f24d525
Mark token as UNIQUE
EkkoG Dec 26, 2023
da584c2
Move login to home page
EkkoG Dec 26, 2023
0e6daa1
Modulize third-party login
EkkoG Dec 26, 2023
fa9962c
Rename method
EkkoG Dec 26, 2023
6aa51b3
Add GitLab login
EkkoG Dec 26, 2023
04a3960
Add Google login
EkkoG Dec 26, 2023
7b424ce
Refine code
EkkoG Dec 27, 2023
f4e4a5d
Refactor
EkkoG Dec 27, 2023
d788ea6
Use reqwest::Url::parse_with_params to build url
EkkoG Dec 27, 2023
0b805ac
Add Microsoft login
EkkoG Dec 27, 2023
1abc7af
Clippy code
EkkoG Dec 27, 2023
3bbf039
Make third-party login and providers optional
EkkoG Dec 27, 2023
9504583
Add login docker image
EkkoG Dec 27, 2023
0fb4d42
Refine tag name
EkkoG Dec 27, 2023
0bf3b67
Show login button when the platform's config is ready
EkkoG Dec 27, 2023
b9e7aa3
Fixed docker CI
EkkoG Dec 27, 2023
e13a342
Merge two docker-compose file
EkkoG Dec 27, 2023
d498778
Change image name of docker-compose
EkkoG Dec 27, 2023
f3b3a80
Try to add default latest docker image
EkkoG Dec 28, 2023
f1aebf2
Move most of login code to login module
EkkoG Dec 28, 2023
500f6af
Refactor providers
EkkoG Dec 28, 2023
97bd401
Move env name define to login module
EkkoG Dec 28, 2023
e47f9cc
Add logout
EkkoG Dec 28, 2023
7b6b2c5
Refine style
EkkoG Dec 28, 2023
27a4590
Add content-type header for pages, better compatibility when reverse …
EkkoG Dec 29, 2023
c265ba0
Show version on page
EkkoG Dec 29, 2023
1e0bf91
Refine text
EkkoG Dec 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
106 changes: 30 additions & 76 deletions .github/workflows/rtabby.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ on:
tags: [ 'v*.*.*' ]
pull_request:
branches: [ "master" ]
release:
types: [published]

env:
CARGO_TERM_COLOR: always
Expand Down Expand Up @@ -33,8 +35,12 @@ jobs:
run: cargo test --verbose

docker:
strategy:
matrix:
db: [mysql, sqlite]
login: [true, false]
name: Docker
if: github.event_name != 'pull_request' && ${{ always() && contains(join(needs.*.result, ','), 'success') }}
if: ${{ always() && contains(join(needs.*.result, ','), 'success') }}
needs: [clippy, build]
runs-on: ubuntu-latest
permissions:
Expand Down Expand Up @@ -70,78 +76,19 @@ jobs:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: latest

# Build and push Docker image with Buildx
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max

# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
# repository is public to avoid leaking data. If you would like to publish
# transparency data even for private images, pass --force to cosign below.
# https://github.com/sigstore/cosign
- name: Sign the published Docker image
- name: Prepare
id: prep
env:
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
TAGS: ${{ steps.meta.outputs.tags }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
docker-sqlite:
name: Docker (Sqlite)
if: github.event_name != 'pull_request' && ${{ always() && contains(join(needs.*.result, ','), 'success') }}
needs: [clippy, build]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write

steps:
- name: Checkout repository
uses: actions/checkout@v3

# Install the cosign tool except on PR
# https://github.com/sigstore/cosign-installer
- name: Install cosign
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
with:
cosign-release: 'v2.1.1'

# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0

# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
REF: ${{ github.ref }}
run: |
if [[ "$REF" == "refs/tags/v"* ]]; then
tag=$(git describe --tags $(git rev-list --tags --max-count=1))
tag=${tag:1}
else
tag=$(git log -1 --format="%cd" --date=short | sed s/-//g)
fi
echo "TAG=$tag" >> $GITHUB_OUTPUT
echo "GIT_COMMIT=$(echo $(git rev-parse HEAD) | cut -c1-7)" >> $GITHUB_OUTPUT

# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
Expand All @@ -150,7 +97,11 @@ jobs:
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: sqlite
tags: |
${{ matrix.db }}${{ matrix.login && '-login' || '' }}-latest
${{ matrix.db }}${{ matrix.login && '-login' || '' }}-${{ steps.prep.outputs.TAG }}
${{ matrix.db == 'mysql' && !matrix.login && 'latest' || '' }}


# Build and push Docker image with Buildx
# https://github.com/docker/build-push-action
Expand All @@ -159,23 +110,26 @@ jobs:
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
with:
context: .
file: Dockerfile-sqlite
push: true
push: ${{ github.event_name == 'release' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
FEATURE_FLAGS=${{ matrix.db == 'sqlite' && '--no-default-features|-F|sqlite-bundle' || '-F|mysqlclient-static' }}|${{ matrix.login && '-F|all-login' || '' }}
GIT_COMMIT=${{ steps.prep.outputs.GIT_COMMIT }}

# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
# repository is public to avoid leaking data. If you would like to publish
# transparency data even for private images, pass --force to cosign below.
# https://github.com/sigstore/cosign
- name: Sign the published Docker image
if: ${{ github.event_name == 'release' }}
env:
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
TAGS: ${{ steps.meta.outputs.tags }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
Loading