Commit f3769ea

concept: git token management
1 parent 91c2836 commit f3769ea

2 files changed

+29
-0
lines changed

docs/images/github_token.gif

884 KB
docs/secrets.md

+29
@@ -68,6 +68,35 @@ A catch-all variation of this approach is dynamically provisioning a cloud servi
6868
for each workspace and then making the relevant secrets available via the cloud's secret management
6969
system.
7070

71+
## Token Management (enterprise)
72+
73+
Coder can manage tokens on behalf of users on the following platforms:
74+
75+
- GitHub
76+
- GitHub Enterprise
77+
- BitBucket
78+
- BitBucket Server
79+
- GitLab.com
80+
- GitLab Self-Managed
81+
- Hasicorp Vault [(coming soon)](https://coder.com/contact)
82+
83+
When users create/update workspaces, Coder will <a href="https://www.kapwing.com/e/631cf6a369c1ee00e55ff6ab" target="_blank">prompt users</a>
84+
to authenticate with the provider if a valid token is not present.
85+
86+
```hcl
87+
resource "coder_user_token" "github-enterprise" {
88+
type = "github"
89+
host = "https://github-enterprise.example.com"
90+
oauth_client_id = var.github_client_id # via environment variable
91+
oauth_client_secret = var.github_client_secret # via environment variable
92+
93+
add_coder_key = true
94+
scopes = ["read:user", "write:public_key", "write:gpg_key", "repo"]
95+
}
96+
```
97+
98+
> See the [Coder Terraform provider docs](#needs-link) for examples for each platform.
99+
71100
## Displaying Secrets
72101

73102
While you can inject secrets into the workspace via environment variables, you
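
Review bot: the `coder_user_token` example requests `scopes = ["read:user", "write:public_key", "write:gpg_key", "repo"]` with no explanation, and on GitHub `repo` grants read/write access to every private repository the user can reach. Please document which scope each feature needs (presumably `write:public_key` is what `add_coder_key = true` relies on, but the text never says what that flag does) and show the smallest set that works for a clone-only workflow. The `# via environment variable` comments on `oauth_client_id` and `oauth_client_secret` should also say how the variable is supplied and that it should be declared sensitive, since readers will copy this block as is. Smaller points in the same hunk: "Hasicorp Vault" should be "HashiCorp Vault"; the "prompt users" link is a raw `<a target="_blank">` to an external kapwing.com editor URL even though this commit adds `docs/images/github_token.gif`, so link or embed the committed image instead; and `[Coder Terraform provider docs](#needs-link)` is still a placeholder that should be resolved before merge.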