Skip to content

Add option to prefer fetching policies from org repo.#587

Closed
wlynch wants to merge 1 commit intoocto-sts:mainfrom
wlynch:opts
Closed

Add option to prefer fetching policies from org repo.#587
wlynch wants to merge 1 commit intoocto-sts:mainfrom
wlynch:opts

Conversation

@wlynch
Copy link
Collaborator

@wlynch wlynch commented Nov 5, 2024

This adds the ability to have a server-side flag to allow configuring OctoSTS to only read policies from the org/.github repo. This allows for policy centralization for deployments that prefer stricter consolidation and enforcement.

This also adds a test harness for the exchange flow to make it easier to test and see what values are being exchanged.

This is a alternative to #583. This PR aims to provide similar functionality, but preserve incoming identity + scope details. cc @karlhaworth

@wlynch @karlhaworth-aa
Add option to prefer fetching policies from org repo.
7d526d6 
This adds the ability to have a server-side flag to allow configuring
OctoSTS to only read policies from the org/.github repo. This allows for
policy centralization for deployments that prefer stricter
consolidation and enforcement.

This also adds a test harness for the exchange flow to make it easier to
test and see what values are being exchanged.

Co-authored-by: Karl Haworth <karl.haworth@aa.com>
@wlynch wlynch marked this pull request as draft November 5, 2024 15:59
@wlynch
Copy link
Collaborator Author

wlynch commented Nov 5, 2024

Not proceeding with this - will look into modifying #583

@wlynch wlynch closed this Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wlynch

Comments