mirror of
https://github.com/gravitational/teleport
synced 2024-10-21 01:34:01 +00:00
acb255cd88
* Add type for GitLab ProvisionToken * Add default behaviour for domain * Add IDTokenClaims for GitLab * Add gitlab token source and token validator * Thread GitLab support through auth and tbot packages * Adjust cluster name fetching in token validator * Initialize GitLab token validator in auth * Improve comment on `sub` * Working GitLab CI delegated joining * Add additional token rule fields * Add checking for new configuration fields * add additional test cases for validation of gitlab config struct * Add TestAuth_RegisterUsingToken_GitLab * Add tests for IDTokenSource * Fix imports * Add tests for GitLab Token Validator * Fix some comments that were incomplete * Add license headers
45 lines
1.1 KiB
Go
45 lines
1.1 KiB
Go
/*
|
|
Copyright 2023 Gravitational, Inc.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package gitlab
|
|
|
|
import "github.com/gravitational/trace"
|
|
|
|
type envGetter func(key string) string
|
|
|
|
// IDTokenSource allows a GitLab ID token to be fetched whilst executing
|
|
// within the context of a GitLab actions workflow.
|
|
type IDTokenSource struct {
|
|
getEnv envGetter
|
|
}
|
|
|
|
func (its *IDTokenSource) GetIDToken() (string, error) {
|
|
tok := its.getEnv("TBOT_GITLAB_JWT")
|
|
if tok == "" {
|
|
return "", trace.BadParameter(
|
|
"TBOT_GITLAB_JWT environment variable missing",
|
|
)
|
|
}
|
|
|
|
return tok, nil
|
|
}
|
|
|
|
func NewIDTokenSource(getEnv envGetter) *IDTokenSource {
|
|
return &IDTokenSource{
|
|
getEnv,
|
|
}
|
|
}
|