chore: remove PAT and use GH Token (#1716)

* chore: remove PAT and use GH Token

* fix env

* fix env

* fix env

* md lint

* trigger ci

* change user

* fix GH bug

* replace login part
Florian Forster 2021-05-19 06:41:40 +02:00 committed by GitHub
parent bde22e0fde
commit 18b8047097
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 18 deletions


@ -5,9 +5,12 @@ on:
- '**' - '**'
tags-ignore: tags-ignore:
- '**' - '**'
# disabled due to a bug -> https://github.community/t/403-error-on-container-registry-push-from-github-action/173071/2
# pull_request:
# branches:
# - '**'
env: env:
GITHUB_TOKEN: ${{ secrets.CR_PAT }}
REGISTRY: ghcr.io REGISTRY: ghcr.io
NODE_VERSION: '12' NODE_VERSION: '12'
GO_VERSION: '1.15' GO_VERSION: '1.15'
@ -73,8 +76,8 @@ jobs:
- name: Login to DockerHub - name: Login to DockerHub
uses: docker/login-action@v1 uses: docker/login-action@v1
with: with:
username: ${{ github.actor }} username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }} password: ${{ secrets.GITHUB_TOKEN }}
registry: ${{ env.REGISTRY }} registry: ${{ env.REGISTRY }}
- run: ls -la - run: ls -la
- uses: docker/build-push-action@v2 - uses: docker/build-push-action@v2
@ -134,8 +137,8 @@ jobs:
- name: Login to DockerHub - name: Login to DockerHub
uses: docker/login-action@v1 uses: docker/login-action@v1
with: with:
username: ${{ github.actor }} username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }} password: ${{ secrets.GITHUB_TOKEN }}
registry: ${{ env.REGISTRY }} registry: ${{ env.REGISTRY }}
- uses: docker/build-push-action@v2 - uses: docker/build-push-action@v2
name: onlybuild name: onlybuild
@ -219,8 +222,8 @@ jobs:
- name: Login to DockerHub - name: Login to DockerHub
uses: docker/login-action@v1 uses: docker/login-action@v1
with: with:
username: ${{ github.actor }} username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }} password: ${{ secrets.GITHUB_TOKEN }}
registry: ${{ env.REGISTRY }} registry: ${{ env.REGISTRY }}
- uses: docker/build-push-action@v2 - uses: docker/build-push-action@v2
name: buildandpush name: buildandpush
@ -238,13 +241,17 @@ jobs:
runs-on: ubuntu-18.04 runs-on: ubuntu-18.04
needs: [ refs, zitadel-image, operator-image, crdb-image ] needs: [ refs, zitadel-image, operator-image, crdb-image ]
env: env:
DOCKER_USERNAME: ${{ github.actor }} DOCKER_USERNAME: ${{ github.repository_owner }}
DOCKER_PASSWORD: ${{ secrets.CR_PAT }} DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
steps: steps:
- name: Source checkout - name: Source checkout
uses: actions/checkout@v2 uses: actions/checkout@v2
- name: Docker Login - name: Login to DockerHub
run: docker login $REGISTRY -u $GITHUB_ACTOR -p $GITHUB_TOKEN uses: docker/login-action@v1
with:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: ${{ env.REGISTRY }}
- name: Docker Pull ZITADEL Image - name: Docker Pull ZITADEL Image
run: docker pull $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }} run: docker pull $REGISTRY/$GITHUB_REPOSITORY:${{ needs.refs.outputs.sha_short }}
- name: Docker Pull ZITADEL Operator Image - name: Docker Pull ZITADEL Operator Image
@ -322,7 +329,7 @@ jobs:
tag: ${{ needs.refs.outputs.short_ref }}-dev tag: ${{ needs.refs.outputs.short_ref }}-dev
commit: ${{ needs.refs.outputs.short_ref }} commit: ${{ needs.refs.outputs.short_ref }}
name: Branch ${{ needs.refs.outputs.short_ref }} name: Branch ${{ needs.refs.outputs.short_ref }}
token: ${{ env.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
replacesArtifacts: true replacesArtifacts: true
prerelease: true prerelease: true
draft: false draft: false
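Review bot: No `permissions:` block is visible for the jobs that now log in to `ghcr.io` with `secrets.GITHUB_TOKEN` (the three login steps at @@ -73, @@ -134 and @@ -219, plus the new one at @@ -238), so the token's scope is whatever default the repository or organisation grants. Declaring it on the image jobs, for example `permissions:` with `contents: read` and `packages: write`, would keep the push working regardless of that default and hold the token to least privilege; the release step that passes `token:` would need `contents: write` on its own job only. In the job at @@ -238, `DOCKER_USERNAME` and `DOCKER_PASSWORD` are still exported job-wide even though the `docker login` run step was replaced by `docker/login-action@v1`; if no later step reads them (the job continues outside the hunk), removing them keeps the token out of every step's environment. The step name `Login to DockerHub` is also misleading because `registry` is `ghcr.io`, so something like `Login to GitHub Container Registry` would read better in logs and audits.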


@ -22,10 +22,10 @@ For example, **ZITADEL** is event sourced but it does not rely on a pub/sub syst
## Features of ZITADEL platform ## Features of ZITADEL platform
* Authentication * Authentication
* OpenID Connect 1.0 Protocol (OP) * OpenID Connect 1.0 Protocol (OP)
* Username / Password * Username / Password
* Machine-to-machine (JWT profile) * Machine-to-machine (JWT profile)
* Passwordless with FIDO2 * Passwordless with FIDO2
* Multifactor authentication with OTP, U2F * Multifactor authentication with OTP, U2F
* Federation with OpenID Connect 1.0 Protocol (RP), OAuth 2.0 Protocol (RP) * Federation with OpenID Connect 1.0 Protocol (RP), OAuth 2.0 Protocol (RP)
* Authorization via Role Based Access Control (RBAC) * Authorization via Role Based Access Control (RBAC)
@ -66,11 +66,11 @@ Details need to be announced, but feel free to contribute already. As long as yo
See the policy [here](./SECURITY.md) See the policy [here](./SECURITY.md)
## Other CAOS Projects ## Other CAOS Projects
* [**ORBOS**](https://github.com/caos/orbos/) - GitOps everything * [**ORBOS**](https://github.com/caos/orbos/) - GitOps everything
* [**OIDC for GO**](https://github.com/caos/oidc) - OpenID Connect SDK (client and server) for Go * [**OIDC for GO**](https://github.com/caos/oidc) - OpenID Connect SDK (client and server) for Go
* [**ZITADEL Tools**](https://github.com/caos/zitadel-tools) - Go tool to convert key file to privately signed JWT * [**ZITADEL Tools**](https://github.com/caos/zitadel-tools) - Go tool to convert key file to privately signed JWT
## License ## License