search

ilijamt / vault-plugin-secrets-gitlab

Vault Plugin for Gitlab Access Tokens
MIT License
43 stars 6 forks source link

feat: Token rotation will use its own endpoint and tests will run against self-hosted GitLab CE #97

Closed ilijamt closed 1 month ago

codecov[bot] commented 2 months ago

Codecov Report

Attention: Patch coverage is 97.19101% with 5 lines in your changes missing coverage. Please review.

Project coverage is 89.16%. Comparing base (d2067dc) to head (6049c9f).

Files Patch % Lines
backend.go 62.50% 2 Missing and 1 partial :warning:
path_config.go 93.33% 1 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #97 +/- ## ========================================== + Coverage 87.88% 89.16% +1.28% ========================================== Files 15 16 +1 Lines 982 1052 +70 ========================================== + Hits 863 938 +75 + Misses 71 65 -6 - Partials 48 49 +1 ``` | [Flag](https://app.codecov.io/gh/ilijamt/vault-plugin-secrets-gitlab/pull/97/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ilija+Matoski) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/ilijamt/vault-plugin-secrets-gitlab/pull/97/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ilija+Matoski) | `89.16% <97.19%> (+1.28%)` | :arrow_up: | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ilija+Matoski#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

cm3brian commented 2 months ago

As requested in #89, I have given it a quick, isolated test for our use-case (being GitLab Cloud). Sorry for not being able to dig super-deep here, however, I'm heading off early today :)

It seems that I still cannot rotate the main token, however instead of a permissions' error it's giving "unsupported operation", which is new...

Screenshot 2024-07-12 at 11 51 21 AM

versus the current release version, doing the same (similar config as example above provided to it):

Screenshot 2024-07-12 at 12 22 01 PM
ilijamt commented 2 months ago

I updated the endpoint. So now it's vault write -f gitlab/config/rotate Are you testing on gitlab.com ?

ilijamt commented 2 months ago

@TJM Any chance you can test this as well? And I'm interested if the issue persists with the TTL?

ilijamt commented 2 months ago

@cm3brian is it working for you now?

cm3brian commented 2 months ago

@ilijamt I can confirm that the rotation of the main user token used from gitlab.com is successful now

image

I can confirm that project and group tokens working as expected.

Can also confirm that you may not create token_type=personal on gitlab.com as this requires "admin" and only self-hosted or dedicated instances (for some reason) allow this through the Admin API. This is known in the readme already, but I also tested it just incase.