feat(vault-jwt): Add Vault JWT/OIDC module #297
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Correct the variable name in `main.tf` and `run.sh` to ensure they are consistent and match expected inputs for Vault CLI interactions.
Parkreiner
reviewed
Sep 27, 2024
There was a problem hiding this comment.
I looked through the files, and I think they look good. The only thing I'm not sure about is the run.sh file, because I'm definitely not a Bash expert
Don't feel comfortable approving yet, since the Bash script seems to be where the most logic lives. Could we tag in someone like @mafredri to look things over?
vault-jwt/README.md
Outdated
| curl -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET "${VAULT_ADDR}/v1/coder/secrets/data/coder" | ||
| ``` | ||
|
|
||
|  |
There was a problem hiding this comment.
Was this supposed to be an image URL?
There was a problem hiding this comment.
Yes. I will take care of this.
mafredri
approved these changes
Sep 27, 2024
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
- Simplified explanation of using OIDC access token. - Made language around configuration more direct. - Enhanced section titles for improved clarity.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This module makes use of existing OIDC access token to authenticate with Vault. It requires setting up a Vault JWT/OIDC auth with the same OIDC provider used with Coder.
This module should let users get non interactive authentication with vault.
I tested this with Okta.