-
Notifications
You must be signed in to change notification settings - Fork 620
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RFC] Passwordless authentication for Git repositories #4806
Conversation
@nagyv can this work with gitlab? |
@souleb Kind of. Reading through the proposal, it's not really passwordless as you extract the password every time from the OIDC response, and the password is tied either to a service account or an app (in case of GitHub). At GitLab, we support service accounts that are fully independent of every user account, can not log in through the UI, but are very much user-like. For example, they can own deploy keys and can be made members of projects. Flux in its current state can already support service accounts. I'll try to extend the proposal to describe the "with GitLab" solution. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Line wrapped and formatted the GitLab section. LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Thanks for all the details.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks @dipti-pai 🏅
Signed-off-by: Dipti Pai <[email protected]> Signed-off-by: Soule BA <[email protected]> Signed-off-by: Sunny <[email protected]> Co-authored-by: Dipti Pai <[email protected]> Co-authored-by: Sanskar Jaiswal <[email protected]> Co-authored-by: Soule BA <[email protected]> Co-authored-by: Sunny <[email protected]> Co-authored-by: Viktor Nagy <[email protected]>
For my understanding, how is the work to actually implement this tracked? Are there individual sub work items for the various provides one could follow and contribute to? |
#4846 has the workitems for tracking the implementation of this RFC |
Based on top of this PR - #4114
Created separate PR as I don't have the required permissions to the main repo.