Add a webhook to validate trust policies

octo-sts / app

A GitHub App that acts like a Security Token Service (STS) for the Github API

Apache License 2.0

126 stars 15 forks source link

Add a webhook to validate trust policies #285

Closed mattmoor closed 4 months ago

mattmoor commented 4 months ago

This is based on Billy's PR, but I've rebased it on https://github.com/octo-sts/app/pull/284 and expanded it a bunch based on some experimentation in my dev environment.

Draft until we land the base PR.

Fixes: https://github.com/octo-sts/app/pull/247 Fixes: https://github.com/octo-sts/app/issues/46

mattmoor commented 4 months ago

cc @wlynch

mattmoor commented 4 months ago

Credit to @wlynch I just made some tweaks :)