Skip to content
/ auth-application Public

GitHub Action for Teleport Application Access

4 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

teleport-actions/auth-application

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
dist
dist
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 

Repository files navigation


Read our Blog: https://goteleport.com/blog/

Read our Documentation: https://goteleport.com/docs/getting-started/

teleport-actions/auth-application@v2

auth-application uses Teleport Machine ID to generate credentials for accessing an application protected by Teleport.

The action has the following outputs:

  • certificate-file: the path to the client certificate to use with requests to the application.
  • key-file: the path to the private key for the client certificate to use with request to the application.

Pre-requisites:

  • Teleport 14 or above must be used. Use teleport-actions/auth-application@v1 for compatability with older versions of Teleport.
  • Teleport binaries must already be installed in the job environment.
  • The Applicatiom you wish to access must already be connected to your Teleport cluster. See https://goteleport.com/docs/application-access/getting-started/
  • You must have created a bot with a role with access to your Application and created a GitHub join token that allows that bot to join.
  • A Linux based runner.

Example usage:

on:
  workflow_dispatch: {}
jobs:
  demo-auth-application:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
    steps:
      - name: Install Teleport
        uses: teleport-actions/setup@v1
        with:
          version: 14.0.0
      - name: Fetch application credentials
        id: auth
        uses: teleport-actions/auth-application@v2
        with:
          # Specify the publically accessible address of your Teleport proxy.
          proxy: tele.example.com:443
          # Specify the name of the join token for your bot.
          token: my-github-join-token-name
          # Specify the length of time that the generated credentials should be
          # valid for. This is optional and defaults to "1h"
          certificate-ttl: 1h
          # Specify the name of the application you wish to access.
          app: grafana-example
          # Enable submission of anonymous usage telemetry to Teleport.
          # See https://goteleport.com/docs/machine-id/reference/telemetry/ for
          # more information.
          anonymous-telemetry: 1
      - name: Make request
        run: curl --cert ${{ steps.auth.outputs.certificate-file }} --key ${{ steps.auth.outputs.key-file }} https://grafana-example.tele.example.com/api/users

Outputs

This action will output the following values:

  • identity-file: the path to the identity file.
  • certificate-file: the path to the client certificate.
  • key-file: the path to the private key for the client certificate.

About

GitHub Action for Teleport Application Access

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases 7

v2.0.3 Latest
Aug 20, 2024
+ 6 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •