Static Users #1755

luizbafilho · 2022-03-18T16:37:25Z

What changed?
The concept of Static User has been introduced. This feature allows operators to create an undefined number of Users by creating K8s Secrets with a well-defined structure and label so that Weave Gitops can query and match credentials.

Why?

Allow configuration flexibility to operators.

How did you test it?

Manual and automated tests validate the flows.

Release notes

*Documentation Changes

luizbafilho · 2022-03-22T14:54:39Z

FYI @yiannistri

…tatic-users

Callisto13

Really awesome! I just have one question

Callisto13 · 2022-03-22T15:10:50Z

pkg/server/auth/server.go

-		if loginRequest.Username != string(hashedSecret.Data["username"]) {
-			s.Log.Info("Wrong username")
-			rw.WriteHeader(http.StatusUnauthorized)
+		if err := s.kubernetesClient.List(r.Context(), users, opts...); err != nil {


do we need to list all users, or can we just get a specific one based on the username?

we can't query based on any data value. So to accomplish that we would need to force users to use some kind of convention for names, but that would still be tricky because they can choose to use an email address as the username and that's not a valid name for a k8s resource.

Listing isn't ideal but at least we only list the secrets with that particular Label. And in practice, there should be a small number of those.

aah i see, makes sense

jpellizzari

I don't fully grasp the context here, but no issues with the code.

Callisto13 · 2022-03-23T09:45:39Z

This may be being rolled back, see: https://weaveworks.slack.com/archives/C03244W0C8H/p1647967858091769

Callisto13 · 2022-03-23T13:11:43Z

#1787

luizbafilho added 4 commits March 17, 2022 12:45

Tweaking admin password

ebdde31

adding dev user

597107f

Querying static users

4722ead

Splitting manifests into charts

edcadb1

luizbafilho changed the title ~~Tweaking admin password~~ Static Users Mar 18, 2022

luizbafilho added the type/enhancement New feature or request label Mar 18, 2022

luizbafilho mentioned this pull request Mar 21, 2022

Fix username/password flow #1722

Closed

luizbafilho added 5 commits March 21, 2022 13:09

Fixing tests

8c244f8

updating docsg

37e8b8f

Small tweak bcrypt call

347c1fc

Pinning bcrypt-cli version

c3cc758

Adding ns to label command

80a6e93

luizbafilho marked this pull request as ready for review March 22, 2022 14:53

luizbafilho requested a review from Callisto13 March 22, 2022 14:53

luizbafilho requested a review from jpellizzari March 22, 2022 14:55

Merge branch 'main' of github.com:weaveworks/weave-gitops into 1671-s…

fa067ad

…tatic-users

Callisto13 reviewed Mar 22, 2022

View reviewed changes

jpellizzari approved these changes Mar 22, 2022

View reviewed changes

Callisto13 mentioned this pull request Mar 23, 2022

Get back to basics with the Admin User #1787

Closed

5 tasks

luizbafilho closed this Mar 28, 2022

makkes deleted the 1671-static-users branch December 9, 2022 09:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Static Users #1755

Static Users #1755

luizbafilho commented Mar 18, 2022 •

edited

Loading

luizbafilho commented Mar 22, 2022

Callisto13 left a comment

Callisto13 Mar 22, 2022

luizbafilho Mar 22, 2022

Callisto13 Mar 23, 2022

jpellizzari left a comment

Callisto13 commented Mar 23, 2022

Callisto13 commented Mar 23, 2022

Static Users #1755

Static Users #1755

Conversation

luizbafilho commented Mar 18, 2022 • edited Loading

luizbafilho commented Mar 22, 2022

Callisto13 left a comment

Choose a reason for hiding this comment

Callisto13 Mar 22, 2022

Choose a reason for hiding this comment

luizbafilho Mar 22, 2022

Choose a reason for hiding this comment

Callisto13 Mar 23, 2022

Choose a reason for hiding this comment

jpellizzari left a comment

Choose a reason for hiding this comment

Callisto13 commented Mar 23, 2022

Callisto13 commented Mar 23, 2022

luizbafilho commented Mar 18, 2022 •

edited

Loading