feat: adds Pluggable Auth support #1437
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* feat: Adding Pluggable Auth Support to ADC See go/pluggable-auth-design. Adding classes required for supporting pluggable auth and some functionality. Will add the implementation for running the executable and reading from a cached file in a later pull request. * fix: Correcting copyright year * fix: addressing code review comments * fix: Fixing interface description * fix: Comment typo * fix: Address code review comments * fix: Add comments to ExecutableResponse properties * fix: Addressing code review comments
…1431) * feat: adding executable and file handling for pluggable auth client Added PluggableAuthHandler to run user provided executable and read from cached file output + associated tests. * fix: correcting pluggable auth credential source Adding 'executable' object under credential source for pluggable auth options. * fix: code review comments * fix: Fixing output file string variable name and failing tests * fix: code review comments + added readme documentation. * fix: addressing code review
|
Warning: This pull request is touching the following templated files:
|
aeitzman
added
do not merge
danielbankhead
suggested changes
Aug 5, 2022
|
What makes this PR breaking? It seems it can work without breaking existing users. |
On a previous PR, @bcoe was saying this should be a breaking change: #1419 (review) |
That makes sense - it looks like |
danielbankhead
removed
the
next major: breaking change
danielbankhead
removed
the
do not merge
danielbankhead
approved these changes
Aug 9, 2022
lsirac
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See go/pluggable-auth-design.
Summary:
Adds a new PluggableAuthClient class that enables the ability for developers to use their own executable to retrieve subject tokens for Workload Identity Federation (instead of a file/URL).
ADC is extended to support this new client.
Adds documentation in Readme
Adds integration test
Fixes: #1433