Add initial version of login to Octopus with OIDC or API keys #3
Conversation
geofflamrock
changed the title
| "plugin:prettier/recommended", | ||
| ], | ||
| ignorePatterns: ["node_modules/", ".eslintrc.js", "esbuild.js", "esbuild.mjs", "dist/", "bin/", "rollup.config.js", "step-package.config.js", "jest.config.js"], | ||
| extends: ["eslint:recommended", "plugin:@typescript-eslint/recommended", "plugin:jest/recommended", "plugin:prettier/recommended"], |
There was a problem hiding this comment.
Have adjusted the eslint config to match up more closely to what we use elsewhere in the Octopus portal. It's not 100% the same, but much closer.
| "jest": "29.6.2", | ||
| "jest-expect-message": "1.1.3", | ||
| "jest-extended": "4.0.1", | ||
| "jest-runner-eslint": "2.1.0", | ||
| "msw": "0.49.0", |
There was a problem hiding this comment.
This isn't the current version of msw, unfotunately there is an issue in versions after this where some of the imports in node just plain don't compile. Using this version also means we need to use typescript 4 not 5, which is a bummer but doesn't really impact us that much.
| }, | ||
| "dependencies": { | ||
| "@actions/core": "1.10.0" | ||
| "@actions/core": "1.10.0", | ||
| "node-fetch": "2.6.12" |
There was a problem hiding this comment.
This also isn't the current version of node-fetch, the latest version has a bunch of issues when used with jest because it uses ESM, which jest doesn't handle all that well. I tried a bunch of workarounds I found with no luck, so have just gone with an older version for the moment.
🦋 Changeset detectedLatest commit: b48e7f1 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
This pull request has been linked to Shortcut Story #54889: Create |
README.md
Outdated
|
|
||
| - Create a service account in Octopus with the permissions required. | ||
| - Configure an OIDC identity that matches the GitHub Actions subject claim for your repository and workflow. See the [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#defining-trust-conditions-on-cloud-roles-using-oidc-claims) for examples of the subject claim. | ||
| - Copy the `Service Account Id` value from the Octopus service account. This will be a guid. |
There was a problem hiding this comment.
guid -> GUID if you are feeling it 😄
There was a problem hiding this comment.
I had to push up a merge conflict fix anyway, so I've done this 😄
This PR adds initial support for the
OctopusDeploy/loginaction for:It includes some additional steps to the
test-loginworkflow, that perform a login to our internal test instance using OIDC and API key.[sc-54889]