alexhung
commented
5 months ago @markszabo Thanks for the suggestion. I'll add this to our plan.
Closed markszabo closed 3 months ago
alexhung
commented
5 months ago @markszabo Thanks for the suggestion. I'll add this to our plan.
Is your feature request related to a problem? Please describe.
There is a new Artifactory feature that provides a way to trust OIDC providers and provide access based on the JWT fields: https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-an-oidc-integration
There is also an API to configure this.
Would it be possible to add support for this, so that it can be configured using terraform?
Describe the solution you'd like
The option to configure the OIDC integration and Identity Mappings via terraform.
Describe alternatives you've considered
Calling the API or using the UI to configure this instead of terraform.
Additional context
We would use this to provide Artifactory credentials to GitHub workflows: GitHub provides workflows with an OIDC token which can be used by this feature to get a short-lived, tightly-scoped Artifactory credential for the workflow. This would replace the need for Artifactory service account credentials stored in GitHub Secrets and provide an easier to use and more secure solution to workflow authentication.