init sso from config

msukkari 2025-10-31 14:12:48 -07:00
parent 20ae502618
commit e047eb06b9
8 changed files with 1993 additions and 1188 deletions


@ -0,0 +1,839 @@
{/* THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY! */}
```json
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "IdentityProviderConfig",
"definitions": {
"GitHubIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "github"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret"
]
},
"GitLabIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "gitlab"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret",
"baseUrl"
]
},
"GoogleIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "google"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret"
]
},
"OktaIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "okta"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
"KeycloakIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "keycloak"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
"MicrosoftEntraIDIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "microsoft-entra-id"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
"GCPIAPIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "gcp-iap"
},
"audience": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"audience"
]
}
},
"oneOf": [
{
"type": "object",
"properties": {
"provider": {
"const": "github"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "gitlab"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret",
"baseUrl"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "google"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "okta"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "keycloak"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "microsoft-entra-id"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "gcp-iap"
},
"audience": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"audience"
]
}
]
}
```


@ -3624,24 +3624,11 @@
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3659,19 +3646,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3689,19 +3663,6 @@
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3734,24 +3695,11 @@
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3769,19 +3717,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3799,19 +3734,6 @@
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3844,19 +3766,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3874,19 +3783,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3917,19 +3813,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3947,19 +3830,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3977,19 +3847,6 @@
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4021,19 +3878,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4051,19 +3895,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4081,19 +3912,6 @@
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4125,19 +3943,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4155,19 +3960,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4185,19 +3977,6 @@
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4229,19 +4008,6 @@
}, },
"audience": { "audience": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4274,24 +4040,11 @@
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4309,19 +4062,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4339,19 +4079,6 @@
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4384,24 +4111,11 @@
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4419,19 +4133,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4449,19 +4150,6 @@
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4494,19 +4182,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4524,19 +4199,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4567,19 +4229,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4597,19 +4246,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4627,19 +4263,6 @@
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4671,19 +4294,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4701,19 +4311,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4731,19 +4328,6 @@
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4775,19 +4359,6 @@
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4805,19 +4376,6 @@
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4835,19 +4393,6 @@
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4879,19 +4424,6 @@
}, },
"audience": { "audience": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {


@ -50,7 +50,7 @@ export class GithubAppManager {
return; return;
} }
const githubApps = config.apps.filter(app => app.type === 'githubApp') as GitHubAppConfig[]; const githubApps = config.apps.filter(app => app.type === 'github') as GitHubAppConfig[];
logger.info(`Found ${githubApps.length} GitHub apps in config`); logger.info(`Found ${githubApps.length} GitHub apps in config`);
for (const app of githubApps) { for (const app of githubApps) {
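Review bot: The filter on the changed line silently drops every app entry whose `type` does not match the new literal (as rendered, `'github'` replaces `'githubApp'`), so a config still using the previous value would only produce "Found 0 GitHub apps in config" and no error. It is worth confirming that schema validation rejects the old value before this point, or logging the entries that were skipped. The `as GitHubAppConfig[]` cast also hides whether the filter really narrows the union; a type-predicate callback lets the compiler check it: `config.apps.filter((app): app is GitHubAppConfig => app.type === 'github')`. The enclosing method begins and ends outside the hunk.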

View file

@ -0,0 +1,838 @@
// THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY!
const schema = {
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "IdentityProviderConfig",
"definitions": {
"GitHubIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "github"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret"
]
},
"GitLabIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "gitlab"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret",
"baseUrl"
]
},
"GoogleIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "google"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret"
]
},
"OktaIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "okta"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
"KeycloakIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "keycloak"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
"MicrosoftEntraIDIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "microsoft-entra-id"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
"GCPIAPIdentityProviderConfig": {
"type": "object",
"properties": {
"provider": {
"const": "gcp-iap"
},
"audience": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"audience"
]
}
},
"oneOf": [
{
"type": "object",
"properties": {
"provider": {
"const": "github"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "gitlab"
},
"purpose": {
"enum": [
"sso",
"integration"
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"baseUrl": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret",
"baseUrl"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "google"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "okta"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "keycloak"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "microsoft-entra-id"
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
"properties": {
"provider": {
"const": "gcp-iap"
},
"audience": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token. Only supported in declarative connection configs."
}
},
"required": [
"env"
],
"additionalProperties": false
}
]
}
},
"required": [
"provider",
"audience"
]
}
]
} as const;
export { schema as identityProviderSchema };


@ -0,0 +1,149 @@
// THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY!
export type IdentityProviderConfig =
| GitHubIdentityProviderConfig
| GitLabIdentityProviderConfig
| GoogleIdentityProviderConfig
| OktaIdentityProviderConfig
| KeycloakIdentityProviderConfig
| MicrosoftEntraIDIdentityProviderConfig
| GCPIAPIdentityProviderConfig;
export interface GitHubIdentityProviderConfig {
provider: "github";
purpose: "sso" | "integration";
clientId: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
clientSecret: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
baseUrl?: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}
export interface GitLabIdentityProviderConfig {
provider: "gitlab";
purpose: "sso" | "integration";
clientId: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
clientSecret: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
baseUrl: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}
export interface GoogleIdentityProviderConfig {
provider: "google";
clientId: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
clientSecret: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}
export interface OktaIdentityProviderConfig {
provider: "okta";
clientId: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
clientSecret: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
issuer: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}
export interface KeycloakIdentityProviderConfig {
provider: "keycloak";
clientId: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
clientSecret: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
issuer: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}
export interface MicrosoftEntraIDIdentityProviderConfig {
provider: "microsoft-entra-id";
clientId: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
clientSecret: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
issuer: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}
export interface GCPIAPIdentityProviderConfig {
provider: "gcp-iap";
audience: {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown;
}


@ -3623,24 +3623,11 @@ const schema = {
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3658,19 +3645,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3688,19 +3662,6 @@ const schema = {
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3733,24 +3694,11 @@ const schema = {
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3768,19 +3716,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3798,19 +3733,6 @@ const schema = {
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3843,19 +3765,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3873,19 +3782,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3916,19 +3812,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3946,19 +3829,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -3976,19 +3846,6 @@ const schema = {
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4020,19 +3877,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4050,19 +3894,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4080,19 +3911,6 @@ const schema = {
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4124,19 +3942,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4154,19 +3959,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4184,19 +3976,6 @@ const schema = {
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4228,19 +4007,6 @@ const schema = {
}, },
"audience": { "audience": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4273,24 +4039,11 @@ const schema = {
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4308,19 +4061,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4338,19 +4078,6 @@ const schema = {
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4383,24 +4110,11 @@ const schema = {
"purpose": { "purpose": {
"enum": [ "enum": [
"sso", "sso",
"identity" "integration"
] ]
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4418,19 +4132,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4448,19 +4149,6 @@ const schema = {
}, },
"baseUrl": { "baseUrl": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4493,19 +4181,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4523,19 +4198,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4566,19 +4228,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4596,19 +4245,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4626,19 +4262,6 @@ const schema = {
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4670,19 +4293,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4700,19 +4310,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4730,19 +4327,6 @@ const schema = {
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4774,19 +4358,6 @@ const schema = {
}, },
"clientId": { "clientId": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4804,19 +4375,6 @@ const schema = {
}, },
"clientSecret": { "clientSecret": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4834,19 +4392,6 @@ const schema = {
}, },
"issuer": { "issuer": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {
@ -4878,19 +4423,6 @@ const schema = {
}, },
"audience": { "audience": {
"anyOf": [ "anyOf": [
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
},
{ {
"type": "object", "type": "object",
"properties": { "properties": {


@ -962,265 +962,139 @@ export interface GitHubAppConfig {
} }
export interface GitHubIdentityProviderConfig { export interface GitHubIdentityProviderConfig {
provider: "github"; provider: "github";
purpose: "sso" | "identity"; purpose: "sso" | "integration";
clientId: clientId: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
} clientSecret: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the environment variable that contains the token. Only supported in declarative connection configs. */
*/ env: string;
env: string; };
}; baseUrl?: {
clientSecret: /**
| { * The name of the environment variable that contains the token. Only supported in declarative connection configs.
/** */
* The name of the secret that contains the token. env: string;
*/ };
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
baseUrl?:
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }
export interface GitLabIdentityProviderConfig { export interface GitLabIdentityProviderConfig {
provider: "gitlab"; provider: "gitlab";
purpose: "sso" | "identity"; purpose: "sso" | "integration";
clientId: clientId: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
} clientSecret: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the environment variable that contains the token. Only supported in declarative connection configs. */
*/ env: string;
env: string; };
}; baseUrl: {
clientSecret: /**
| { * The name of the environment variable that contains the token. Only supported in declarative connection configs.
/** */
* The name of the secret that contains the token. env: string;
*/ };
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
baseUrl:
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }
export interface GoogleIdentityProviderConfig { export interface GoogleIdentityProviderConfig {
provider: "google"; provider: "google";
clientId: clientId: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
} clientSecret: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the environment variable that contains the token. Only supported in declarative connection configs. */
*/ env: string;
env: string; };
};
clientSecret:
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }
export interface OktaIdentityProviderConfig { export interface OktaIdentityProviderConfig {
provider: "okta"; provider: "okta";
clientId: clientId: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
} clientSecret: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the environment variable that contains the token. Only supported in declarative connection configs. */
*/ env: string;
env: string; };
}; issuer: {
clientSecret: /**
| { * The name of the environment variable that contains the token. Only supported in declarative connection configs.
/** */
* The name of the secret that contains the token. env: string;
*/ };
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
issuer:
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }
export interface KeycloakIdentityProviderConfig { export interface KeycloakIdentityProviderConfig {
provider: "keycloak"; provider: "keycloak";
clientId: clientId: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
} clientSecret: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the environment variable that contains the token. Only supported in declarative connection configs. */
*/ env: string;
env: string; };
}; issuer: {
clientSecret: /**
| { * The name of the environment variable that contains the token. Only supported in declarative connection configs.
/** */
* The name of the secret that contains the token. env: string;
*/ };
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
issuer:
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }
export interface MicrosoftEntraIDIdentityProviderConfig { export interface MicrosoftEntraIDIdentityProviderConfig {
provider: "microsoft-entra-id"; provider: "microsoft-entra-id";
clientId: clientId: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
} clientSecret: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the environment variable that contains the token. Only supported in declarative connection configs. */
*/ env: string;
env: string; };
}; issuer: {
clientSecret: /**
| { * The name of the environment variable that contains the token. Only supported in declarative connection configs.
/** */
* The name of the secret that contains the token. env: string;
*/ };
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
issuer:
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }
export interface GCPIAPIdentityProviderConfig { export interface GCPIAPIdentityProviderConfig {
provider: "gcp-iap"; provider: "gcp-iap";
audience: audience: {
| { /**
/** * The name of the environment variable that contains the token. Only supported in declarative connection configs.
* The name of the secret that contains the token. */
*/ env: string;
secret: string; };
}
| {
/**
* The name of the environment variable that contains the token. Only supported in declarative connection configs.
*/
env: string;
};
[k: string]: unknown; [k: string]: unknown;
} }


@ -14,7 +14,7 @@ import { onCreateUser } from "@/lib/authUtils";
import { createLogger } from "@sourcebot/logger"; import { createLogger } from "@sourcebot/logger";
import { hasEntitlement, loadConfig } from "@sourcebot/shared"; import { hasEntitlement, loadConfig } from "@sourcebot/shared";
import { getTokenFromConfig } from "@sourcebot/crypto"; import { getTokenFromConfig } from "@sourcebot/crypto";
import { SINGLE_TENANT_ORG_ID } from "@/lib/constants"; import { GCPIAPIdentityProviderConfig, GitHubIdentityProviderConfig, GitLabIdentityProviderConfig, GoogleIdentityProviderConfig, KeycloakIdentityProviderConfig, MicrosoftEntraIDIdentityProviderConfig, OktaIdentityProviderConfig } from "@sourcebot/schemas/v3/index.type";
const logger = createLogger('web-sso'); const logger = createLogger('web-sso');
@ -26,19 +26,60 @@ export const getSSOProviders = async (): Promise<Provider[]> => {
for (const identityProvider of identityProviders) { for (const identityProvider of identityProviders) {
if (identityProvider.provider === "github") { if (identityProvider.provider === "github") {
const clientId = await getTokenFromConfig(identityProvider.clientId, SINGLE_TENANT_ORG_ID, db); const providerConfig = identityProvider as GitHubIdentityProviderConfig;
const clientSecret = await getTokenFromConfig(identityProvider.clientSecret, SINGLE_TENANT_ORG_ID, db); if (providerConfig.purpose !== "sso") {
const baseUrl = identityProvider.baseUrl ? await getTokenFromConfig(identityProvider.baseUrl, SINGLE_TENANT_ORG_ID, db) : undefined; continue;
}
const clientId = await getTokenFromConfig(providerConfig.clientId);
const clientSecret = await getTokenFromConfig(providerConfig.clientSecret);
const baseUrl = providerConfig.baseUrl ? await getTokenFromConfig(providerConfig.baseUrl) : undefined;
providers.push(createGitHubProvider(clientId, clientSecret, baseUrl)); providers.push(createGitHubProvider(clientId, clientSecret, baseUrl));
} }
if (identityProvider.provider === "gitlab") { if (identityProvider.provider === "gitlab") {
const clientId = await getTokenFromConfig(identityProvider.clientId, SINGLE_TENANT_ORG_ID, db); const providerConfig = identityProvider as GitLabIdentityProviderConfig;
const clientSecret = await getTokenFromConfig(identityProvider.clientSecret, SINGLE_TENANT_ORG_ID, db); if (providerConfig.purpose !== "sso") {
const baseUrl = identityProvider.baseUrl ? await getTokenFromConfig(identityProvider.baseUrl, SINGLE_TENANT_ORG_ID, db) : undefined; continue;
}
const clientId = await getTokenFromConfig(providerConfig.clientId);
const clientSecret = await getTokenFromConfig(providerConfig.clientSecret);
const baseUrl = providerConfig.baseUrl ? await getTokenFromConfig(providerConfig.baseUrl) : undefined;
providers.push(createGitLabProvider(clientId, clientSecret, baseUrl)); providers.push(createGitLabProvider(clientId, clientSecret, baseUrl));
} }
if (identityProvider.provider === "google") {
const providerConfig = identityProvider as GoogleIdentityProviderConfig;
const clientId = await getTokenFromConfig(providerConfig.clientId);
const clientSecret = await getTokenFromConfig(providerConfig.clientSecret);
providers.push(createGoogleProvider(clientId, clientSecret));
}
if (identityProvider.provider === "okta") {
const providerConfig = identityProvider as OktaIdentityProviderConfig;
const clientId = await getTokenFromConfig(providerConfig.clientId);
const clientSecret = await getTokenFromConfig(providerConfig.clientSecret);
const issuer = await getTokenFromConfig(providerConfig.issuer);
providers.push(createOktaProvider(clientId, clientSecret, issuer));
}
if (identityProvider.provider === "keycloak") {
const providerConfig = identityProvider as KeycloakIdentityProviderConfig;
const clientId = await getTokenFromConfig(providerConfig.clientId);
const clientSecret = await getTokenFromConfig(providerConfig.clientSecret);
const issuer = await getTokenFromConfig(providerConfig.issuer);
providers.push(createKeycloakProvider(clientId, clientSecret, issuer));
}
if (identityProvider.provider === "microsoft-entra-id") {
const providerConfig = identityProvider as MicrosoftEntraIDIdentityProviderConfig;
const clientId = await getTokenFromConfig(providerConfig.clientId);
const clientSecret = await getTokenFromConfig(providerConfig.clientSecret);
const issuer = await getTokenFromConfig(providerConfig.issuer);
providers.push(createMicrosoftEntraIDProvider(clientId, clientSecret, issuer));
}
if (identityProvider.provider === "gcp-iap") {
const providerConfig = identityProvider as GCPIAPIdentityProviderConfig;
const audience = await getTokenFromConfig(providerConfig.audience);
providers.push(createGCPIAPProvider(audience));
}
} }
// @deprecate
if (env.AUTH_EE_GITHUB_CLIENT_ID && env.AUTH_EE_GITHUB_CLIENT_SECRET) { if (env.AUTH_EE_GITHUB_CLIENT_ID && env.AUTH_EE_GITHUB_CLIENT_SECRET) {
providers.push(createGitHubProvider(env.AUTH_EE_GITHUB_CLIENT_ID, env.AUTH_EE_GITHUB_CLIENT_SECRET, env.AUTH_EE_GITHUB_BASE_URL)); providers.push(createGitHubProvider(env.AUTH_EE_GITHUB_CLIENT_ID, env.AUTH_EE_GITHUB_CLIENT_SECRET, env.AUTH_EE_GITHUB_BASE_URL));
} }
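Review bot: An entry whose `provider` matches none of the `if (identityProvider.provider === …)` branches is skipped without any log, so a typo in the config silently removes a sign-in method; a final fallthrough that reports the unrecognised value through the existing `logger` would make that visible. The `identityProvider as GitHubIdentityProviderConfig` style casts (one per branch) also switch off the compiler's check that `clientSecret`, `issuer` or `audience` are really present, and if `identityProviders` is already typed as the union of these configs, the `provider` comparison narrows it and the casts can go. Separately, the `// @deprecate` block after the loop still pushes a GitHub provider from `AUTH_EE_GITHUB_*` even when the config already added one, which presumably registers the same provider twice with different credentials; skipping the env fallback in that case, or logging which source is used, would avoid the ambiguity. `getSSOProviders` starts before this hunk and continues past it.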