Add support for proxying services via GHA job services #41781
Labels
application-access
feature-request
Used for new features in Teleport, improvements to current should be #enhancements
machine-id
What would you like Teleport to do?
GitHub Actions supports running container images in the background to provide services to a workflow job. I would like to be able to proxy services behind Teleport using this GHA feature. Here's an example of what a workflow would look like:
What problem does this solve?
It makes it easier to access services behind Teleport within GHA workflows. Additionally, this avoids writing the cert/key to the disk, which reduces the chance that they get leaked.
There are two technical reasons why this doesn't work today:
proxy
subcommand can't be specifiedtbot
needs to authenticate with the Teleport control plane and/or service prior to starting the proxy. This would require an additional step which GHA does not support.If a workaround exists, please include it.
Install tbot, authenticate with Teleport, write the certs to disk, and point the local tool at the certs (if supported).
The text was updated successfully, but these errors were encountered: