Aditya Manthramurthy
0e502899a8
Add support for multiple OpenID providers with role policies ( #14223 )
...
- When using multiple providers, claim-based providers are not allowed. All
providers must use role policies.
- Update markdown config to allow `details` HTML element
2022-04-28 18:27:09 -07:00
Naveen
879de20edf
Set permissions for GitHub actions ( #14693 )
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
> Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
https://www.legitsecurity.com/blog/github-privilege-escalation-vulnerability
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-11 02:45:59 -07:00
Sergey Zhuk
3970204009
ci: Check for new go-version. Bump setup-go to v3 ( #14598 )
2022-03-25 08:56:04 -07:00
Aditya Manthramurthy
0a224654c2
fix: progagation of service accounts for site replication ( #14054 )
...
- Only non-root-owned service accounts are replicated for now.
- Add integration tests for OIDC with site replication
2022-01-07 17:41:43 -08:00
Harshavardhana
e82a5c5c54
fix: site replication issues and add tests ( #13861 )
...
- deleting policies was deleting all LDAP
user mapping, this was a regression introduced
in #13567
- deleting of policies is properly sent across
all sites.
- remove unexpected errors instead embed the real
errors as part of the 500 error response.
2021-12-08 11:50:15 -08:00
Harshavardhana
4f3290309e
Revert "disable CI/CD for draft PRs ( #13784 )"
...
This reverts commit 5a22f2cf0b
.
2021-11-30 09:22:17 -08:00
Krishnan Parthasarathi
5a22f2cf0b
disable CI/CD for draft PRs ( #13784 )
2021-11-29 23:35:07 -08:00
Aditya Manthramurthy
1e2fac054c
Add caching to CI jobs ( #13712 )
...
- Seems to be improving times for shorter jobs at least.
- Remove Go 1.16.x tests for IAM and replication
2021-11-19 16:18:23 -08:00
Aditya Manthramurthy
087c1b98dc
Add tests for OpenID STS creds and add to CI ( #13638 )
2021-11-11 11:23:30 -08:00
Harshavardhana
5acc8c0134
add multi-site replication tests ( #13631 )
2021-11-10 18:18:09 -08:00
Aditya Manthramurthy
1946922de3
Add CI for etcd IAM backend ( #13614 )
...
Runs when ETCD_SERVER env var is set
2021-11-09 09:25:13 -08:00