-
Notifications
You must be signed in to change notification settings - Fork 183
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: Support OIDC Client Authentication #793
base: master
Are you sure you want to change the base?
Conversation
Globally support OIDC Client Authentication, this is for output sinks proxied by something like OAuth2-Proxy - attempt to support .well-known/oidc-configuration Signed-off-by: Dan Molik <[email protected]>
Welcome @dmolik! It looks like this is your first PR to falcosecurity/falcosidekick 🎉 |
so this is just a first stab at OIDC output support, I'm looking for feedback on approach, and I know I will need to update tests and documentation |
@@ -1,6 +1,8 @@ | |||
module github.com/falcosecurity/falcosidekick | |||
|
|||
go 1.20 | |||
go 1.21 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you avoid to bump up the Go version please, to avoid to break anything aside.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this was pulled in from the kube 1.29 version bump
Interesting proposal, thnaks. I edited the title to specify it's a WIP, ping when you want a deeper review. Thanks. I enabled the CI btw. |
Signed-off-by: Dan Molik <[email protected]>
Adding label Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
LGTM label has been added. Git tree hash: e3c4fa41292b36ea2a39a75d580d3986d6e4e9e6
|
/remove-approve |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dmolik The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
(sorry, a miss click in the GH app on phone made me approved this PR) |
okay no worries, I've got to rebase this against master, and add config and docs |
What's the status on your side for this PR? Is it ready for a review? |
I'm going to merge main again, and test locally via minikube, I'll let you know in a day or two. |
Hi, are you still working on that PR? |
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
/remove-lifecycle stale |
@dmolik are you still working on this PR? you need to rebase on the master, a lot of changes have been made since your last commits. I would like to release the 2.30 in the next weeks, I prefer to post-pone your proposal to the 2.31 anyway |
Globally support OIDC Client Authentication, this is for output sinks proxied by something like OAuth2-Proxy
What type of PR is this?
/kind feature
Any specific area of the project related to this PR?
/area config
/area outputs
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #712
Special notes for your reviewer: