Creating providers with config #3334
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stacklokbot
reviewed
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
jhrozek
commented
May 15, 2024
stacklokbot
reviewed
May 15, 2024
stacklokbot
reviewed
May 15, 2024
dmjb
requested changes
May 16, 2024
| return nil, fmt.Errorf("error getting provider config: %w", err) | ||
| } | ||
|
|
||
| // This method feels like it should be part of the class manager? |
There was a problem hiding this comment.
Yes, it probably should :) ... but I would not block on it.
JAORMX
reviewed
May 16, 2024
stacklokbot
reviewed
May 17, 2024
stacklokbot
reviewed
May 17, 2024
dmjb
reviewed
May 20, 2024
dmjb
reviewed
May 20, 2024
dmjb
reviewed
May 20, 2024
10 tasks
|
No longer a draft. Even after splitting some patches out, this is still a relatively large PR. I would welcome ideas on how to split it. |
jhrozek
changed the title
dmjb
reviewed
May 30, 2024
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| // Package session contains the business logic for creating providers from session state. |
There was a problem hiding this comment.
Thought: I wonder if we should move other session state logic in here in future. (not a blocker for this PR)
dmjb
reviewed
May 30, 2024
| return g.ghService.GetConfig(ctx, class, userConfig) | ||
| } | ||
|
|
||
| func fallbackOAuthClientConfigValues(provider string, cfg *server.OAuthClientConfig) { |
There was a problem hiding this comment.
Could we do this config-reading logic once at application startup?
|
@dmjb ready for another review |
…iderTracker In order to be able to add the providerAuthManager in the next step and avoid code duplication, let's make the providerClassManager a little more reusable by extracting the code that tracks registered classes.
Adds the providerAuthManager interface that exposes per-provider OAuth settings. This allows the provider creation in an OAuth callback to let the provider specific code sit in the provider codebase and let the creation be provider agnostic. ALso creates a sessionService that currently allows to create a provider from a session record that is created before the OAuth conversation. Fixes: mindersec#3263
Adds the CLI support for creating an OAuth provider with a config.
Two or more, use a for.
Allows to pass provider configuration when creating a GH app. This will be useful for creating providers with repository auto-enrollment. Fixes: mindersec#3263 Unlike the OAuth flow which is reusable for any provider, the GH App flow is quite GH-app specific and thus uses the original GH app handler.
We added a ProviderConfig-based structure but then in a subsequent patch we overwrite its values unconditionally. Let's only overwrite them when set.
Based on review feedback, to isolate the fallback code.
dmjb
approved these changes
Jun 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This would create a provider with custom configuration.
The OAuth code is generic and can be used by any provider. The GH App config code is very GH App specific, but that whole flow is unlikely to be reusable, so I think that's fine.
With github you can enroll either with oauth:
or:
Change Type
Testing
see above
Review Checklist: