search

vmware-tanzu / pinniped

Pinniped is the easy, secure way to log in to your Kubernetes clusters.
https://pinniped.dev
Apache License 2.0
554 stars 66 forks source link

Issue and refresh downstream ID tokens derived from a GitHub IDP #1963

Closed joshuatcasey closed 4 months ago

joshuatcasey commented 4 months ago

The Supervisor will now issue downstream tokens when logging in with GitHub as an identity provider. Will check the user's organization and team membership and ensure that the user meets the login policy specified on the GitHub IDP CR.

Refreshing a GitHub-derived identity is virtually identical to logging in, so that was implemented as well.

codecov[bot] commented 4 months ago

Codecov Report

Attention: Patch coverage is 82.74510% with 88 lines in your changes are missing coverage. Please review.

Project coverage is 30.57%. Comparing base (80c7022) to head (02ffff0). Report is 3 commits behind head on github_identity_provider.

Files Patch % Lines
test/testlib/browsertest/browsertest.go 0.00% 55 Missing :warning:
test/testlib/env.go 0.00% 11 Missing :warning:
...ternal/testutil/oidctestutil/testgithubprovider.go 86.88% 6 Missing and 2 partials :warning:
internal/githubclient/githubclient.go 95.80% 4 Missing and 2 partials :warning:
test/testlib/skip.go 0.00% 6 Missing :warning:
internal/testutil/testidplister/testidplister.go 95.55% 1 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## github_identity_provider #1963 +/- ## ============================================================ + Coverage 30.14% 30.57% +0.43% ============================================================ Files 358 362 +4 Lines 59869 60335 +466 ============================================================ + Hits 18046 18448 +402 - Misses 41293 41353 +60 - Partials 530 534 +4 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter commented 4 months ago

Codecov Report

Attention: Patch coverage is 82.72425% with 104 lines in your changes are missing coverage. Please review.

Project coverage is 30.60%. Comparing base (80c7022) to head (6327f51). Report is 3 commits behind head on github_identity_provider.

Files Patch % Lines
test/testlib/browsertest/browsertest.go 0.00% 55 Missing :warning:
test/testlib/skip.go 0.00% 15 Missing :warning:
test/testlib/env.go 0.00% 14 Missing :warning:
...ternal/testutil/oidctestutil/testgithubprovider.go 87.50% 6 Missing and 2 partials :warning:
internal/githubclient/githubclient.go 95.80% 4 Missing and 2 partials :warning:
...util/oidctestutil/expected_upstream_state_param.go 60.00% 2 Missing :warning:
internal/testutil/testidplister/testidplister.go 98.01% 1 Missing and 1 partial :warning:
internal/testutil/oidctestutil/testldapprovider.go 87.50% 1 Missing :warning:
internal/testutil/oidctestutil/testoidcprovider.go 75.00% 1 Missing :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## github_identity_provider #1963 +/- ## ============================================================ + Coverage 30.14% 30.60% +0.46% ============================================================ Files 358 362 +4 Lines 59869 60383 +514 ============================================================ + Hits 18046 18481 +435 - Misses 41293 41368 +75 - Partials 530 534 +4 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.