Skip to content

feat: option to restrict org creation #2290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Jul 28, 2025
Merged

feat: option to restrict org creation #2290

merged 9 commits into from
Jul 28, 2025

Conversation

migmartri
Copy link
Member

This PR adds a new setting in the controlplane config to restrict the creation of orgs to instance administrators, it includes

  • configuration setting
  • new role org:instance:admin associated with a new org creation policy
  • enforcement logic (if the setting is enabled) in the org creation service handler
  • exposure of this feature being enabled in the infoz endpoint.

This is the error you get if you try to create an org and it's disabled and you are not admin

ERR creation of organizations is restricted to instance admins
exit status 1

Closes #2270

@migmartri
feat: option to restrict org creation
6fa4c0d 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri requested review from jiparis and javirln July 26, 2025 22:32
migmartri added 5 commits July 26, 2025 23:38
@migmartri
chore: update helm chart
d20a23b 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri
chore: update helm chart
bfbd604 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri
chore: update helm chart
af797b7 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri
add value for ent
455a07f 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri
add value for ent
e8fe8c2 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri marked this pull request as draft July 27, 2025 23:32
@migmartri
chore: fix middleware
8317a01 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri marked this pull request as ready for review July 27, 2025 23:45
@migmartri
feat: support for admins auto-omboarding
d415712 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
jiparis
jiparis approved these changes Jul 28, 2025
View reviewed changes
Copy link
Member

@jiparis jiparis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, just a nit comment.

@migmartri
fix: add instance type
0780ad5 
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri merged commit ad68570 into chainloop-dev:main Jul 28, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jiparis jiparis jiparis approved these changes

@javirln javirln Awaiting requested review from javirln

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

configure who can create orgnanizations
2 participants
@migmartri @jiparis