Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Makefile: stop pinning openfga/go-sdk #12688

Merged
merged 3 commits into from Jan 18, 2024
Merged

Makefile: stop pinning openfga/go-sdk #12688

merged 3 commits into from Jan 18, 2024

Conversation

simondeziel
Copy link
Member

@simondeziel simondeziel commented Dec 20, 2023
edited

Upstream now targets Go 1.20 in the latest version: https://github.com/openfga/go-sdk/releases/tag/v0.3.2

@tomponline
Copy link
Member

@simondeziel please can you rebase

@simondeziel
Copy link
Member Author

It seems the test failures are not directly related to unpinning openfga/go-sdk as seen in https://github.com/canonical/lxd/actions/runs/7454568581/job/20282120778.

@markylaing do you have any idea?

+ BROWSER=curl lxc remote add --accept-certificate oidc 127.0.0.1:39545 --auth-type oidc
+ set +x
+ timeout --foreground 120 /home/runner/go/bin/lxc remote add --accept-certificate oidc 127.0.0.1:39545 --auth-type oidc --verbose
time="2024-01-08T23:47:58Z" level=info msg="http: TLS handshake error from 127.0.0.1:43686: EOF"
time="2024-01-08T23:47:58Z" level=info msg="http: TLS handshake error from 127.0.0.1:43694: remote error: tls: bad certificate"
URL: http://127.0.0.1:54791/device?user_code=JHGK-WJSN

@tomponline
Copy link
Member

@markylaing please can you assist @simondeziel with this

@markylaing
Copy link
Contributor

It seems the test failures are not directly related to unpinning openfga/go-sdk as seen in https://github.com/canonical/lxd/actions/runs/7454568581/job/20282120778.

@markylaing do you have any idea?

+ BROWSER=curl lxc remote add --accept-certificate oidc 127.0.0.1:39545 --auth-type oidc
+ set +x
+ timeout --foreground 120 /home/runner/go/bin/lxc remote add --accept-certificate oidc 127.0.0.1:39545 --auth-type oidc --verbose
time="2024-01-08T23:47:58Z" level=info msg="http: TLS handshake error from 127.0.0.1:43686: EOF"
time="2024-01-08T23:47:58Z" level=info msg="http: TLS handshake error from 127.0.0.1:43694: remote error: tls: bad certificate"
URL: http://127.0.0.1:54791/device?user_code=JHGK-WJSN

Sorry for missing this. It looks like the update to the underlying zitadel library will optimistically populate user data early if it can https://github.com/zitadel/oidc/blame/57d04e74651766c47097c8253bf08417a366d553/pkg/op/token.go#L212-L217.

This commit from incus should fix it: lxc/incus@d202fba

@markylaing
Copy link
Contributor

I've confirmed that the oidc test works after cherry picking lxc/incus@d202fba. I think it makes sense to include the cherry pick in this PR because the failures only occur after the module update.

simondeziel and others added 3 commits January 18, 2024 09:55
@simondeziel
Makefile: stop pinning openfga/go-sdk
06d01e3 
The current latest version downgrade target go version to 1.20.

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
@simondeziel
gomod: Update dependencies
0b6b496 
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
@stgraber @simondeziel
mini-oidc: Implement user store
6d7c14c 
Signed-off-by: Stéphane Graber <stgraber@stgraber.org>
(cherry picked from commit d202fba41fc1d9001dddc3de690623ade4b21adc)
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
License: Apache-2.0
@simondeziel
Copy link
Member Author

@markylaing thank you very much, it worked.

@tomponline tomponline merged commit e387ad5 into canonical:main Jan 18, 2024
25 of 26 checks passed
@simondeziel simondeziel deleted the openfga-go-sdk branch January 18, 2024 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomponline tomponline tomponline approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@simondeziel @tomponline @markylaing @stgraber