Add github manifest flow #35
Conversation
| Team: g.Team, | ||
| } | ||
| } | ||
| func (g *Github) GetCredentialsForAuthenticatedApp(config provider.AppConfig) (map[string]string, error) { |
There was a problem hiding this comment.
this function is called to create credentials for dex-operator
| @@ -37,12 +38,6 @@ type Config struct { | |||
| ClientSecret string | |||
| } | |||
|
|
|||
| type config struct { | |||
There was a problem hiding this comment.
Somehow this deletion appeared during merging. config was actually just renamed to Config.
| func (a *Azure) DeleteSecret(ctx context.Context, secretID *string, appID string) error { | ||
| requestBody := removepassword.NewRemovePasswordPostRequestBody() | ||
| func (a *Azure) DeleteSecret(ctx context.Context, secretID *uuid.UUID, appID string) error { | ||
| requestBody := applications.NewItemRemovePasswordPostRequestBody() |
There was a problem hiding this comment.
nothing changed here, functions were just renamed upstream
| return fmt.Sprintf(`client-id: %s | ||
| client-secret: %s | ||
| tenant-id: %s`, secret.ClientId, secret.ClientSecret, a.TenantID), nil | ||
| return map[string]string{ |
There was a problem hiding this comment.
We return a map with the credentials. The string returned earlier was just so it could be printed instantly
| team: %s | ||
| app-id: %v | ||
| private-key: %s`, c.ClientID, c.ClientSecret, c.Organization, c.Team, c.AppID, c.PrivateKey), nil | ||
| func (g *Github) CreateApp(config provider.AppConfig) (*githubclient.AppConfig, error) { |
There was a problem hiding this comment.
This function calls the manifest flow to create a github app
| } | ||
| }) | ||
| // Retrieves the app code after redirecting back to the local server | ||
| mux.HandleFunc("/retrieve", func(w http.ResponseWriter, r *http.Request) { |
There was a problem hiding this comment.
After the app manifest was submitted we get redirected to /retrieve which automatically retrieves the code we need to complete the manifest flow and creates the app with it. The app data is saved.
| http.Redirect(w, r, "/complete", http.StatusFound) | ||
| }) | ||
| // The flow is completed, show the user some sort of success and cancel the context | ||
| mux.HandleFunc("/complete", func(w http.ResponseWriter, r *http.Request) { |
There was a problem hiding this comment.
After retrieving the app data we get redirected to /complete which just shows the user a success template and closes the context
| return err | ||
| } | ||
|
|
||
| func newState() (string, error) { |
There was a problem hiding this comment.
We create a unique state here that is returned from github when retrieving the code.
| "strings" | ||
| ) | ||
|
|
||
| type Manifest struct { |
There was a problem hiding this comment.
the manifest represents the github app
| } | ||
|
|
||
| // This returns a comma seperated list of callback URLs for github applications | ||
| func getGithubRedirectURLs(domains []string) string { |
There was a problem hiding this comment.
dex-operator can not create github apps itself (github api does not allow it). However, since it does not need elevated access because of that, we can use the authenticated app itself for access via dex. For this to work we need to add the redirect URLs for dex instances we want to manage to the authenticated app.
|
Testing it right now is a little bit annoying. Essentially you need to provide github credentials based on a test-app in github as input files and then execute Setup. I can show you how to do that. |
Sounds good. |
* Add styles to templates * Serve assets?
towards giantswarm/roadmap#1764 giantswarm/roadmap#1914