Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Script and process to generate OIDC config from federation directory. #139

Merged
merged 1 commit into from Jul 27, 2021
Merged

Script and process to generate OIDC config from federation directory. #139

merged 1 commit into from Jul 27, 2021

Conversation

dlorenc
Copy link
Member

@dlorenc dlorenc commented Jul 12, 2021

Signed-off-by: Dan Lorenc dlorenc@google.com

@dlorenc dlorenc force-pushed the fedcfg branch 2 times, most recently from ec5a007 to c624067 Compare July 12, 2021 00:40
@cpanato cpanato added this to the 0.2.0 milestone Jul 12, 2021
@dlorenc
Copy link
Member Author

dlorenc commented Jul 12, 2021
edited

TODO:

  • Merge this generated config into our config.yaml for prod fulcio
  • Add in the base entries (google, dex)
  • Tests to make sure the generated config is up to date

@dlorenc dlorenc force-pushed the fedcfg branch 5 times, most recently from eb26809 to 4d17ae5 Compare July 15, 2021 13:39
@dlorenc dlorenc changed the title WIP: script to generate OIDC config from federation directory. Script and process to generate OIDC config from federation directory. Jul 15, 2021
@dlorenc
Copy link
Member Author

dlorenc commented Jul 15, 2021

Ref #122

lukehinds
lukehinds reviewed Jul 19, 2021
View reviewed changes
config/fulcio-config.yaml
Comment on lines +30 to 36
"https://oidc.dlorenc.dev": {
"IssuerURL": "https://oidc.dlorenc.dev",
"ClientID": "sigstore",
"Type": "spiffe"
}
}
}
Copy link
Member

@lukehinds lukehinds Jul 19, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As this is the main default server config, could there be a fulcio-federated-config.yaml that is used for other specific providers? It could be under federated/config maybe?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved it down a directory! How's this?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can't see that, it still seems to be in the main config.json

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this file is actually generated now (and there's a test to make sure its up to date). The full merged list needs to be in one place. The user-edited ones are now in federation/ and federation/external.

Script and process to generate OIDC config from federation directory.
13e8a6b 
Signed-off-by: Dan Lorenc <dlorenc@google.com>
@dlorenc dlorenc merged commit c86b377 into sigstore:main Jul 27, 2021
This was referenced Jul 29, 2021
Closed
Closed
@pdxjohnny pdxjohnny mentioned this pull request Mar 14, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukehinds lukehinds lukehinds left review comments

@bobcallaway bobcallaway bobcallaway approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.2.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@dlorenc @bobcallaway @lukehinds @cpanato