-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Access Token Management #38
Comments
Is this a duplicate of #53 ? |
It was discussed offline that since Access Tokens are used by Tekton Pull Request Resources, we can integrate Access Tokens into the core Dashboard's Secrets page, instead of making Access Tokens a separate Extensions page. 👍 This raises a few design questions about how to create paneling for Secret with different types on one page. A big question I have is about which Secrets we will display. Right now we filter to only show Secrets of type Also, would this be a good time to think about introducing SSHAuth Secrets to the Dashboard? (They're supported by Tekton's authentication). So maybe we should include them in the mockups even if the implementation work isn't given a high priority at the moment. (@mnuttall do you have any input on this?) |
/assign mi-wang |
Latest Update: |
Updated Invision link: Please let me know if any links are broken and if you have any feedback/comment would be greatly appreciated :) |
It seems like there are a number of secrets & options that we can configure in the Dashboard, but at the moment we would like to keep things as minimal as possible. So, I did some research to try and clarify what we want to show in the Secrets view: Tekton supported Secret types are:
And they also sort-of support:
At the moment, it looks like we can cover all of our use cases by allowing users to manage the following secret types:
These secrets will have the option of being patched to ServiceAccounts as regular secrets (not as ImagePullSecrets). For example, this script to prepare secrets for the pipeline-hotel Pipeline. We must be able to add Annotations to the Since we don't want the Tekton Dashboard to become a Kubernetes Dashboard, I think that we should keep our Secret management limited to this for now. @mnuttall and/or @dibbles can you please validate that the scenario I've proposed above will cover all of our current use-cases with the webhook extension & tekton dashboard? |
technically correct i think..... but given the use cases and the fact it "sort of supports" the other secret type we might want to think about allowing creation of said docker secrets and patching .... maybe this could be separated as a follow on to reduce the scope of the task at hand. I could see an argument for permitting the creation and patching of these if we think deploying an app is going to be something lots of people want to do. I'd defer to @mnuttall |
I clarified with Mark, that we are not concerned with |
Rotten issues close after 30d of inactivity. /close Send feedback to tektoncd/plumbing. |
@tekton-robot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
The 'first pass' at panelling for webhook management allows for access tokens to be created and deleted. We need a separate 'access token management' page where existing tokens can be presented in tabular form, as well as created and deleted. (Edit is not required.)
Consider whether users creating webhooks can be linked to and from a unified access token management dialog when creating one in the process of creating a webhook.
The text was updated successfully, but these errors were encountered: