Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ab#55467 sq5 #227

Closed
wants to merge 30 commits into from
Closed

Ab#55467 sq5 #227

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
299d131
feat(auth): Add support for OAuth2 client credentials (#224)
spbsoluble Nov 7, 2024
8bcf183
fix(ci): Bump tests timeout to 20m
spbsoluble Nov 7, 2024
82533c9
fix(ci): Update starter workflow
spbsoluble Nov 11, 2024
57e1250
fix(ci): Update starter workflow
spbsoluble Nov 11, 2024
dd7cbfb
Merge remote-tracking branch 'origin/ab#55467_sq4' into ab#55467_sq4
spbsoluble Nov 11, 2024
5008874
fix(ci): AKV auth provider test pass GH token.
spbsoluble Nov 12, 2024
f08667d
fix(cli): Handle and report SDK client errors.
spbsoluble Nov 12, 2024
38c9500
chore(deps): Bump `Keyfactor/keyfactor-auth-client-go` to `v1.0.0-rc.8`
spbsoluble Nov 12, 2024
96fbc76
fix(core): Don't log `bcrypt`ed strings.
spbsoluble Nov 13, 2024
449e1ee
fix(ci): `Test_AKV_PAM_KFC_12_3_0_OAUTH` run on k8s runners
spbsoluble Nov 13, 2024
4d56067
chore(deps): Bump `keyfactor-auth-client-go` to `v1.0.0-rc.18`
spbsoluble Nov 14, 2024
7d415b6
fix(tests): PAM tests accomodate for bug `63171`
spbsoluble Nov 14, 2024
9457be1
fix(ci): display working dir info
spbsoluble Nov 14, 2024
de029a3
fix(ci): revert pathing
spbsoluble Nov 14, 2024
668f372
feat(scripts): Enhance akv_auth script to detect run environment.
spbsoluble Nov 14, 2024
bc6d4b1
fix(auth): Auth via AKV config using `keyfactor-auth-client-go`
spbsoluble Nov 18, 2024
edf6f7d
fix(ci): Revert starter workflow to `v3`
spbsoluble Nov 18, 2024
0bc61c5
chore(docs): Update `Basic` auth verbiage and add `audidence` to oaut…
spbsoluble Nov 18, 2024
04d3fc0
chore(docs): Update CHANGELOG.md
spbsoluble Nov 18, 2024
020c30b
chore(store-types): Update store-type definitions with latest releases.
spbsoluble Nov 18, 2024
91376ae
fix(auth): Interactive auth prompt for `audience` and `scopes` for `o…
spbsoluble Nov 18, 2024
4bdd166
fix(auth): Add prompt for providing oauth access token directly rathe…
spbsoluble Nov 18, 2024
973ccd7
fix(auth): Interactive auth if no scopes are passed then don't pass a…
spbsoluble Nov 18, 2024
44a9da6
chore(docs): Update auth related docs with example `access_token` oAu…
spbsoluble Nov 18, 2024
cf11cbb
chore(docs): Update CHANGELOG.md with dep upgrades.
spbsoluble Nov 19, 2024
d69e361
chore(store-types): Remove airlock cert store type.
spbsoluble Nov 19, 2024
5303edf
fix(tests): Remove debug output from tests
spbsoluble Nov 19, 2024
da3a6a4
chore(store-types): Update embedded definitions.
spbsoluble Nov 19, 2024
76c4a6c
chore(store-types): Remove `AirlockWAF`
spbsoluble Nov 19, 2024
92997a4
feat(auth): Add support for OAuth2 client credentials (#224).
spbsoluble Nov 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions .github/config/.terraform.lock.hcl
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

65 changes: 65 additions & 0 deletions .github/config/MODULE.MD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
## Requirements

| Name | Version |
|---------------------------------------------------------------------------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
| <a name="requirement_github"></a> [github](#requirement\_github) | >=6.2 |

## Providers

| Name | Version |
|------------------------------------------------------------|---------|
| <a name="provider_github"></a> [github](#provider\_github) | 6.3.1 |

## Modules

| Name | Source | Version |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------|---------|
| <a name="module_keyfactor_github_test_environment_10_5_0"></a> [keyfactor\_github\_test\_environment\_10\_5\_0](#module\_keyfactor\_github\_test\_environment\_10\_5\_0) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_10_5_0_CLEAN"></a> [keyfactor\_github\_test\_environment\_10\_5\_0\_CLEAN](#module\_keyfactor\_github\_test\_environment\_10\_5\_0\_CLEAN) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_11_5_0"></a> [keyfactor\_github\_test\_environment\_11\_5\_0](#module\_keyfactor\_github\_test\_environment\_11\_5\_0) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_11_5_0_CLEAN"></a> [keyfactor\_github\_test\_environment\_11\_5\_0\_CLEAN](#module\_keyfactor\_github\_test\_environment\_11\_5\_0\_CLEAN) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_11_5_0_OAUTH"></a> [keyfactor\_github\_test\_environment\_11\_5\_0\_OAUTH](#module\_keyfactor\_github\_test\_environment\_11\_5\_0\_OAUTH) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_11_5_0_OAUTH_CLEAN"></a> [keyfactor\_github\_test\_environment\_11\_5\_0\_OAUTH\_CLEAN](#module\_keyfactor\_github\_test\_environment\_11\_5\_0\_OAUTH\_CLEAN) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_12_3_0_AD"></a> [keyfactor\_github\_test\_environment\_12\_3\_0\_AD](#module\_keyfactor\_github\_test\_environment\_12\_3\_0\_AD) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_12_3_0_AD_CLEAN"></a> [keyfactor\_github\_test\_environment\_12\_3\_0\_AD\_CLEAN](#module\_keyfactor\_github\_test\_environment\_12\_3\_0\_AD\_CLEAN) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_12_3_0_OAUTH"></a> [keyfactor\_github\_test\_environment\_12\_3\_0\_OAUTH](#module\_keyfactor\_github\_test\_environment\_12\_3\_0\_OAUTH) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |
| <a name="module_keyfactor_github_test_environment_12_3_0_OAUTH_CLEAN"></a> [keyfactor\_github\_test\_environment\_12\_3\_0\_OAUTH\_CLEAN](#module\_keyfactor\_github\_test\_environment\_12\_3\_0\_OAUTH\_CLEAN) | git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git | main |

## Resources

| Name | Type |
|---------------------------------------------------------------------------------------------------------------------------|-------------|
| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------|----------|-----------------------------------------------------------------------------------------------------------|:--------:|
| <a name="input_keyfactor_auth_token_url"></a> [keyfactor\_auth\_token\_url](#input\_keyfactor\_auth\_token\_url) | The token URL to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | `"https://int-oidc-lab.eastus2.cloudapp.azure.com:8444/realms/Keyfactor/protocol/openid-connect/token"` | no |
| <a name="input_keyfactor_client_id"></a> [keyfactor\_client\_id](#input\_keyfactor\_client\_id) | The client ID to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | n/a | yes |
| <a name="input_keyfactor_client_secret"></a> [keyfactor\_client\_secret](#input\_keyfactor\_client\_secret) | The client secret to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | n/a | yes |
| <a name="input_keyfactor_hostname_10_5_0"></a> [keyfactor\_hostname\_10\_5\_0](#input\_keyfactor\_hostname\_10\_5\_0) | The hostname of the Keyfactor v10.5.x instance | `string` | `"integrations1050-lab.kfdelivery.com"` | no |
| <a name="input_keyfactor_hostname_10_5_0_CLEAN"></a> [keyfactor\_hostname\_10\_5\_0\_CLEAN](#input\_keyfactor\_hostname\_10\_5\_0\_CLEAN) | The hostname of the Keyfactor v10.5.x instance with no stores or orchestrators. This is used for store-type tests. | `string` | `"int1050-test-clean.kfdelivery.com"` | no |
| <a name="input_keyfactor_hostname_11_5_0"></a> [keyfactor\_hostname\_11\_5\_0](#input\_keyfactor\_hostname\_11\_5\_0) | The hostname of the Keyfactor v11.5.x instance | `string` | `"integrations1150-lab.kfdelivery.com"` | no |
| <a name="input_keyfactor_hostname_11_5_0_CLEAN"></a> [keyfactor\_hostname\_11\_5\_0\_CLEAN](#input\_keyfactor\_hostname\_11\_5\_0\_CLEAN) | The hostname of the Keyfactor v11.5.x instance with no stores or orchestrators. This is used for store-type tests. | `string` | `"int1150-test-clean.kfdelivery.com"` | no |
| <a name="input_keyfactor_hostname_11_5_0_OAUTH"></a> [keyfactor\_hostname\_11\_5\_0\_OAUTH](#input\_keyfactor\_hostname\_11\_5\_0\_OAUTH) | The hostname of the Keyfactor instance | `string` | `"int-oidc-lab.eastus2.cloudapp.azure.com"` | no |
| <a name="input_keyfactor_hostname_11_5_0_OAUTH_CLEAN"></a> [keyfactor\_hostname\_11\_5\_0\_OAUTH\_CLEAN](#input\_keyfactor\_hostname\_11\_5\_0\_OAUTH\_CLEAN) | The hostname of the Keyfactor instance | `string` | `"int1150-oauth-test-clean.eastus2.cloudapp.azure.com"` | no |
| <a name="input_keyfactor_hostname_12_3_0"></a> [keyfactor\_hostname\_12\_3\_0](#input\_keyfactor\_hostname\_12\_3\_0) | The hostname of the Keyfactor v12.3.x instance | `string` | `"integrations1230-lab.kfdelivery.com"` | no |
| <a name="input_keyfactor_hostname_12_3_0_CLEAN"></a> [keyfactor\_hostname\_12\_3\_0\_CLEAN](#input\_keyfactor\_hostname\_12\_3\_0\_CLEAN) | The hostname of the Keyfactor v12.3.x instance with no stores or orchestrators. This is used for store-type tests. | `string` | `"int1230-test-clean.kfdelivery.com"` | no |
| <a name="input_keyfactor_hostname_12_3_0_OAUTH"></a> [keyfactor\_hostname\_12\_3\_0\_OAUTH](#input\_keyfactor\_hostname\_12\_3\_0\_OAUTH) | The hostname of the Keyfactor instance | `string` | `"int-oidc-lab.eastus2.cloudapp.azure.com"` | no |
| <a name="input_keyfactor_password_AD"></a> [keyfactor\_password\_AD](#input\_keyfactor\_password\_AD) | The password to authenticate with Keyfactor instance that uses AD authentication | `string` | n/a | yes |
| <a name="input_keyfactor_username_AD"></a> [keyfactor\_username\_AD](#input\_keyfactor\_username\_AD) | The username to authenticate with a Keyfactor instance that uses AD authentication | `string` | n/a | yes |
| <a name="input_kfc1230_client_id"></a> [kfc1230\_client\_id](#input\_kfc1230\_client\_id) | The client ID to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | n/a | yes |
| <a name="input_kfc1230_client_secret"></a> [kfc1230\_client\_secret](#input\_kfc1230\_client\_secret) | The client secret to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | n/a | yes |
| <a name="input_kfc1230_oauth_hostname"></a> [kfc1230\_oauth\_hostname](#input\_kfc1230\_oauth\_hostname) | The hostname of the Keyfactor instance | `string` | `"int1230c-oauth.eastus2.cloudapp.azure.com"` | no |
| <a name="input_kfc1230_oauth_token_url"></a> [kfc1230\_oauth\_token\_url](#input\_kfc1230\_oauth\_token\_url) | The hostname of the Keyfactor instance | `string` | `"https://int1230c-oauth.eastus2.cloudapp.azure.com:8444/realms/Keyfactor/protocol/openid-connect/token"` | no |
| <a name="input_kfc1230c_ad_hostname"></a> [kfc1230c\_ad\_hostname](#input\_kfc1230c\_ad\_hostname) | The hostname of the Keyfactor instance | `string` | `"int1230c-ad.eastus2.cloudapp.azure.com"` | no |
| <a name="input_kfc1230c_client_id"></a> [kfc1230c\_client\_id](#input\_kfc1230c\_client\_id) | The client ID to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | n/a | yes |
| <a name="input_kfc1230c_client_secret"></a> [kfc1230c\_client\_secret](#input\_kfc1230c\_client\_secret) | The client secret to authenticate with the Keyfactor instance using oauth2 client credentials | `string` | n/a | yes |
| <a name="input_kfc1230c_oauth_hostname"></a> [kfc1230c\_oauth\_hostname](#input\_kfc1230c\_oauth\_hostname) | The hostname of the Keyfactor instance | `string` | `"int1230c-oauth.eastus2.cloudapp.azure.com"` | no |
| <a name="input_kfc1230c_oauth_token_url"></a> [kfc1230c\_oauth\_token\_url](#input\_kfc1230c\_oauth\_token\_url) | The hostname of the Keyfactor instance | `string` | `"https://int1230c-oauth.eastus2.cloudapp.azure.com:8444/realms/Keyfactor/protocol/openid-connect/token"` | no |

## Outputs

No outputs.
26 changes: 26 additions & 0 deletions .github/config/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
.DEFAULT_GOAL := help

##@ Utility
help: ## Display this help
@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)

deps: ## Install deps for macos
@brew install pre-commit tflint terraform terraform-docs

docs: ## Run terraform-docs to update module docs.
@terraform-docs markdown . > MODULE.MD
@terraform-docs markdown table --output-file README.md --output-mode inject .

lint: ## Run tflint
@tflint

validate: ## Run terraform validate
@terraform init --upgrade
@terraform validate

precommit/add: ## Install pre-commit hook
@pre-commit install

precommit/remove: ## Uninstall pre-commit hook
@pre-commit uninstall

Loading
Loading