Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support OIDC subjects which reference a GitHub Org and wildcard Repo #467

Open
johnstonmatt opened this issue Jun 22, 2024 · 1 comment
Open

Support OIDC subjects which reference a GitHub Org and wildcard Repo #467

johnstonmatt opened this issue Jun 22, 2024 · 1 comment
Assignees
@YanaXu
Labels
dependencies Pull requests that update a dependency file feature-request

Comments

@johnstonmatt
Copy link

OIDC represents a big improvement in terms of security by reducing the risk of leaked credentials, and at polyseam/cndi we want to bring that value to our users.

In our integration with AWS we are able to specify a trust policy which grants OIDC access for all repos in a given GitHub Organization using a wildcard pattern.

Creating a new OIDC app registration for every repo is such a manual process that I don't think it is sufficiently easy to adopt, and our users will likely continue to use API credentials instead - unless support for wildcard patterns can be added.
@johnstonmatt johnstonmatt added the need-to-triage Requires investigation label Jun 22, 2024
@YanaXu YanaXu self-assigned this Jun 27, 2024
@YanaXu YanaXu added dependencies Pull requests that update a dependency file feature-request and removed need-to-triage Requires investigation labels Jun 27, 2024
@petr-stupka
Copy link

related #346

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@YanaXu YanaXu

Labels
dependencies Pull requests that update a dependency file feature-request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@johnstonmatt @YanaXu @petr-stupka