Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proxy: auth broker #8855

Draft
wants to merge 8 commits into
base: main
Choose a base branch
from
Draft

proxy: auth broker #8855

wants to merge 8 commits into from

Conversation

conradludgate
Copy link
Contributor

@conradludgate conradludgate commented Aug 28, 2024
edited
Loading

Done:

  • Implemented the cplane API for fetching the JWKs. No caching of that result yet as the JWKs cache should handle it.
  • Opens http2 connection to local-proxy and forwards requests over with all headers and body

TODO:

  1. Mock interface which fetches JWKs data from postgres.

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 28, 2024
edited
Loading

4968 tests run: 4802 passed, 2 failed, 164 skipped (full report)

Failures on Postgres 16

Failures on Postgres 14

# Run all failed tests locally:
scripts/pytest -vv -n $(nproc) -k "test_storage_controller_onboarding[release-pg14-False] or test_scrubber_physical_gc_ancestors_split[release-pg16]"
Flaky tests (11)

Postgres 17

Postgres 16

Postgres 15

Postgres 14

Test coverage report is not available

The comment gets automatically updated with the latest test results
3dcc051 at 2024-09-19T17:14:18.382Z :recycle:

orca-security-us[bot]
orca-security-us bot reviewed Sep 11, 2024
View reviewed changes
Copy link

@orca-security-us orca-security-us bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca

@conradludgate conradludgate force-pushed the proxy-auth-broker branch 2 times, most recently from 2abdd5f to bd8ab50 Compare September 17, 2024 13:33
@conradludgate conradludgate mentioned this pull request Sep 18, 2024
Merged
@conradludgate conradludgate changed the base branch from main to proxy-misc-auth-changes September 18, 2024 15:56
Base automatically changed from proxy-misc-auth-changes to main September 19, 2024 15:09
conradludgate added a commit that referenced this pull request Sep 19, 2024
@conradludgate
proxy: remove auth info from http conn info & fixup jwt api trait (#9047
0a1ca76 
)

misc changes split out from #8855 

- **allow cloning the request context in a read-only fashion for
background tasks**
- **propagate endpoint and request context through the jwk cache**
- **only allow password based auth for md5 during testing**
- **remove auth info from conn info**
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@orca-security-us Orca Security (US) orca-security-us left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@conradludgate