Skip to content

fix(docs): bad example for oidc setup with gcp #549

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 3, 2025
Merged

fix(docs): bad example for oidc setup with gcp #549

merged 1 commit into from
Sep 3, 2025

Conversation

@hamir-suspect
Copy link
Contributor

@hamir-suspect hamir-suspect commented Sep 3, 2025

📝 Description

The previous Google Cloud OIDC configuration had several problems:

  1. Circular configuration: Set google.subject to a static value, then checked if it equals that same static value
  2. Length limitation: Semaphore's JWT subject often exceeds Google Cloud's 127-byte limit
  3. No actual access control: The condition would always be true, defeating the security purpose

✅ Checklist

  • I have tested this change
  • This change requires documentation update

@github-project-automation github-project-automation bot moved this to Backlog in Roadmap Sep 3, 2025
@hamir-suspect hamir-suspect merged commit 602348e into main Sep 3, 2025
2 checks passed
@hamir-suspect hamir-suspect deleted the has/docs/fix-oidc-gcp branch September 3, 2025 15:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DamjanBecirovic DamjanBecirovic DamjanBecirovic approved these changes

@lucaspin lucaspin Awaiting requested review from lucaspin

@skipi skipi Awaiting requested review from skipi skipi is a code owner

Assignees

No one assigned

Labels

None yet

Projects

Roadmap
Status: Backlog

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hamir-suspect @DamjanBecirovic