Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bootstrap token #717

Merged
merged 54 commits into from
Sep 9, 2024
Merged

Bootstrap token #717

merged 54 commits into from
Sep 9, 2024

Conversation

jswoods
Copy link
Contributor

@jswoods jswoods commented Aug 23, 2023

No description provided.

@jswoods jswoods force-pushed the jestin/bootstrap-token branch 2 times, most recently from ed0a6a1 to aa5b87c Compare September 28, 2023 20:27
@SaaldjorMike SaaldjorMike mentioned this pull request Oct 24, 2023
Open
@jswoods jswoods force-pushed the jestin/bootstrap-token branch from cb5419d to 66aace4 Compare November 17, 2023 22:55
@jswoods jswoods marked this pull request as ready for review December 6, 2023 21:40
@jswoods jswoods requested a review from a team as a code owner December 6, 2023 21:40
@jswoods jswoods marked this pull request as draft December 6, 2023 21:46
@jswoods jswoods marked this pull request as ready for review December 7, 2023 01:19
@jswoods jswoods force-pushed the jestin/bootstrap-token branch from ea1b8a2 to dbe782a Compare June 3, 2024 22:49
@jswoods jswoods force-pushed the jestin/bootstrap-token branch from dbe782a to 3da9a49 Compare June 21, 2024 20:44
SaaldjorMike
SaaldjorMike reviewed Jun 27, 2024
View reviewed changes
controllers/humiocluster_permission_tokens.go
Comment on lines +32 to +39
for _, userResult := range allUserResults {
if userResult.OrganizationName == "RecoveryRootOrg" {
if userResult.SearchMatch == fmt.Sprintf(" | %s () ()", username) {
fmt.Printf("Found user ID using multi-organization query.\n")
return userResult.EntityId, nil
}
}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some day we should probably refactor this, so that we fetch subscription as part of userResult and so we can match on userResult.Subscription = "ClusterOwner" instead of whatever the name of the cluster owner organization happens to be. I see this is just moving over whatever "user & token management" from the auth sidecar into the Reconciler, so its fine to stick with this right now, but ideally we'd tidy this up a bit.

Copy link
Member

@SaaldjorMike SaaldjorMike Jun 27, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If single org. mode is active it seems like organization ID is SINGLE_ORGANIZATION_ID with subscription being Paying.

So probably want to:

if single org mode:
    find user in the organization with `orgID=SINGLE_ORGANIZATION_ID`
if multi org mode:
    find user in the organization with `subscription=ClusterOwner`
    (or maybe split in two, first look up orgID of org that is cluster owner, then specifically search that organization for the user)

@jswoods jswoods force-pushed the jestin/bootstrap-token branch from 5193f30 to 8e010b9 Compare July 3, 2024 20:37
@jswoods jswoods force-pushed the jestin/bootstrap-token branch 2 times, most recently from 56bf7d1 to 9aaceac Compare August 6, 2024 14:49
@jswoods jswoods force-pushed the jestin/bootstrap-token branch from 9aaceac to 4916d34 Compare September 3, 2024 21:01
@jswoods jswoods merged commit 94369a5 into master Sep 9, 2024
17 checks passed
@jswoods jswoods deleted the jestin/bootstrap-token branch September 9, 2024 15:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SaaldjorMike SaaldjorMike SaaldjorMike approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jswoods @SaaldjorMike