-
Notifications
You must be signed in to change notification settings - Fork 665
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Monorepo] Enable proxy-authorization in admin client #4189
Conversation
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
…ture Signed-off-by: Fabio Grätz <[email protected]>
…ials future Signed-off-by: Fabio Grätz <[email protected]>
…future Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
…efore Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
Signed-off-by: Fabio Grätz <[email protected]>
…uthorization' into monorepo--importing-flyteidl-437 Signed-off-by: Eduardo Apolinario <[email protected]>
Signed-off-by: Eduardo Apolinario <[email protected]>
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #4189 +/- ##
==========================================
+ Coverage 59.45% 59.94% +0.49%
==========================================
Files 638 569 -69
Lines 54134 41049 -13085
==========================================
- Hits 32183 24607 -7576
+ Misses 19404 14053 -5351
+ Partials 2547 2389 -158
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
@fg91 , can you fix the error in single-binary propeller? It repros locally, just run |
Signed-off-by: Fabio Grätz <[email protected]>
952d2f5
to
d2013e9
Compare
Signed-off-by: Andrew Dye <[email protected]>
Describe your changes
This PR imports flyteorg/flyteidl#437 into the monorepo.
Original description
Part of an effort to integrate Flyte with GCP Identity Aware Proxy, see #3965.
Allows the flyteidl admin client to sent a
"proxy-authorization"
header with every request to flyteadmin. Tokens for this header are created using an external command which is configured via the newproxyCommand
config entry.Same logic as was introduced in
flytekit
in flyteorg/flytekit#1787.I replicated the existing logic in
MaterializeCredentials
andNewAuthInterceptor
for the second token. The external command is called a single time perflytectl
call.Tracking Issue
Closes #3965
Check all the applicable boxes
Screenshots
Note to reviewers