If custom server url exists, use that instead of the default one. #1776
Conversation
Signed-off-by: Fredrik Skogman <[email protected]>
Signed-off-by: Fredrik Skogman <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1776 +/- ##
==========================================
- Coverage 57.93% 50.35% -7.58%
==========================================
Files 50 70 +20
Lines 3119 4184 +1065
==========================================
+ Hits 1807 2107 +300
- Misses 1154 1844 +690
- Partials 158 233 +75 ☔ View full report in Codecov by Sentry. |
|
|
||
| baseURL := `https://github.com/` | ||
|
|
||
| if claims.Enterprise != "" { |
There was a problem hiding this comment.
@javanlacerda Is this something we can add for the new configuration?
@kommendorkapten Is this something you want enabled for the public instance or is this just for the GitHub deployment?
There was a problem hiding this comment.
Yes, I think this template {{if .enterprise }}https://{{ .enterprise }.ghe.com{{else}}{{ .url }}{{end}} should replace every place that the default {{url}} is used for github on identity/config.yaml.
Also, It could be defined in a variable for avoiding replicating it into the config.
And btw, I saw that this PR was recently merged, but this modifies will not work as we migrated github to use the new generic logic that is in pkg/identity/ciprovider/principal.go
There was a problem hiding this comment.
@haydentherapper this is only needed for our internal deployments as of now.
4 participants
Summary
When producing certificates from ID Tokens issued by GitHub Actions, the server url is always hardcoded to
github.com. This is not true for all cases, as custom domains may be possible. This PR modifies the behaviour to look for theenterpriseclaim which indicates that a custom domain is used.Release Note
Documentation