Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move kubernetes CA handling in config.prepare #1454

Merged

Conversation

ccordoui
Copy link
Contributor

@ccordoui ccordoui commented Nov 7, 2023

Summary

Resolves #1453

Release Note

  • Fix a bug where fulcio wasn't passing http custom configuration to go-oidc

Documentation

NONE

Copy link

codecov bot commented Nov 8, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (49eee1e) 57.67% compared to head (10423a4) 57.66%.

❗ Current head 10423a4 differs from pull request most recent head 2bbcda5. Consider uploading reports for the commit 2bbcda5 to get more accurate results

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1454      +/-   ##
==========================================
- Coverage   57.67%   57.66%   -0.02%     
==========================================
  Files          50       50              
  Lines        3112     3118       +6     
==========================================
+ Hits         1795     1798       +3     
- Misses       1158     1160       +2     
- Partials      159      160       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Move kubernetes OIDC provider CA handling in config.prepare to ensure that it is processed before using go-oidc

Signed-off-by: Cyril Cordoui <[email protected]>
@ccordoui ccordoui force-pushed the bugfix/oidc-custom-http-configuration branch from 10423a4 to 9164820 Compare November 17, 2023 15:06
@ccordoui
Copy link
Contributor Author

config.prepare is called two times:

The first time was after the import of the CA of kubernetes config.go#L433 but the second was not.

So to prevent that kind of behavior, I have moved the code in the prepare, like this it is always called before.

@ccordoui ccordoui changed the title [#1453] Create a new http client in fulcio and pass it to the oidc context Move kubernetes CA handling in config.prepare Nov 17, 2023
Copy link
Contributor

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ccordoui Have you been able to compile Fulcio locally and confirm this is working for you?

@ccordoui
Copy link
Contributor Author

@ccordoui Have you been able to compile Fulcio locally and confirm this is working for you?

@haydentherapper Yes, the built image can be found here quay.io/ccordoui/sigstore/fulcio:ccordoui-pr1454

@haydentherapper haydentherapper merged commit b886493 into sigstore:main Nov 18, 2023
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Fulcio doesn't pass http customization to go-oidc
3 participants