Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Identity for oauth aux #1286

Merged
merged 24 commits into from
Feb 19, 2025
Merged

Identity for oauth aux #1286

merged 24 commits into from
Feb 19, 2025

Conversation

satr
Copy link
Contributor

@satr satr commented Feb 13, 2025

No description provided.

@satr satr self-assigned this Feb 13, 2025
@satr satr requested a review from Richard87 February 17, 2025 13:33
Richard87
Richard87 requested changes Feb 18, 2025
View reviewed changes
Copy link
Contributor

@Richard87 Richard87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it valuable to refactor, and move the oauth2proxy related code to its own package (pkg/apis/oauth2proxy or similar)?

pkg/apis/radix/v1/radixapptypes.go Outdated

// UseAzureIdentity defines that credentials for authenticating using Azure Workload Identity instead of using a ClientSecret.
// +optional
UseAzureIdentity *bool `json:"useAzureIdentity,omitempty"`
Copy link
Contributor

@Richard87 Richard87 Feb 18, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To make it slighly more future proof, could we use something like

Credentials: "secret"|"AzureWorkloadIdentity"

instead? (in case oauth2proxy changes their implementation and supports more providers that we want to support)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Replaced

@satr
Copy link
Contributor Author

satr commented Feb 18, 2025

Is it valuable to refactor, and move the oauth2proxy related code to its own package (pkg/apis/oauth2proxy or similar)?

Moving to oauth2proxy requires moving other code due to cyclic references and several private methods. I think this need to be done without reviewving new functionality.

Richard87
Richard87 approved these changes Feb 19, 2025
View reviewed changes
Copy link
Contributor

@Richard87 Richard87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me!

@satr satr merged commit df68344 into master Feb 19, 2025
5 checks passed
@satr satr deleted the identity-for-oauth-aux branch February 19, 2025 10:27
satr added a commit that referenced this pull request Feb 20, 2025
@satr
Merge pull request #1293 from equinor/master
c6e9343 
Identity for oauth aux (#1286)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Richard87 Richard87 Richard87 approved these changes

Assignees

@satr satr

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@satr @Richard87