feat: use fga credetials

datum-cloud / datum

Datum's central server

https://datum.net

Apache License 2.0

50 stars 7 forks source link

feat: use fga credetials #1201

Closed golanglemonade closed 1 month ago

golanglemonade commented 1 month ago

bumps fgax to v0.5.2 to include credentials in the config
adds the preshared credentials to the docker-compose setup

NOTE: the docker-compose change will require the update of your local config/.config.yaml to add the matching example key. This is included in the config/config-dev.example.yaml file

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

golanglemonade commented 1 month ago

Looks good visually!

I can try to sanity check it tomorrow if you'd like but I haven't looked into the authorization integration yet. Any suggestions on a quick test?

It’s not a change in the authz checks, but adds a configuration variable to both the container and the datum setup to require Authn communication between the two. It’s only required if it’s configured in the fga container which is the docker compose setup - if you run task run-dev and it works it’s good to go