Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[poc] GitHub proxy #47968

Draft
wants to merge 9 commits into
base: master
Choose a base branch
from
Draft

[poc] GitHub proxy #47968

wants to merge 9 commits into from

Conversation

greedy52
Copy link
Contributor

@greedy52 greedy52 commented Oct 25, 2024
edited
Loading

RFD:

Setup:

  • Login as an admin user (e.g with editor role) on WebUI, follow guided enrolment for GitHub integration.

Overview:

sequenceDiagram                                
    participant git                                
    participant tsh                                
    participant client browser                                
    participant Proxy                                
    participant Auth                                
    participant GitHub                                
                                
    git->>tsh: sshCommand="tsh git ssh"                                
    alt no GitHub user ID                                
      tsh->>Proxy: CreateGitHubAuthRequestForUser                                
      Proxy->>Auth: CreateGitHubAuthRequestForUser                                
      tsh->> client browser: open                                
      client browser->> GitHub: redirect                                
      GitHub<<->>Proxy: callback                                
      Proxy<<->>Auth: verify callback and generate new cert with GitHub user ID                                
      client browser->>tsh: new cert with GitHub user ID                                
    end                                
    tsh->>Proxy: SSH transport and RBAC                                
    Proxy->>Auth: `GenerateGitHubUserCert`                                
    Auth->>Proxy: signed cert with "[email protected]" ext                                   
    Proxy->>GitHub: forward SSH                                
    git <<->>GitHub: pack-protocol
Loading

@aws-amplify-us-west-2 AWS Amplify (us-west-2)
Copy link

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-47968.d3pp5qlev8mo18.amplifyapp.com

@greedy52 greedy52 force-pushed the STeve/proxy_github_v5 branch 2 times, most recently from bd15d15 to 6a88a15 Compare October 25, 2024 19:30
@greedy52 greedy52 force-pushed the STeve/proxy_github_v5 branch from 6a88a15 to 35c34f7 Compare October 27, 2024 22:46
@greedy52 greedy52 force-pushed the STeve/proxy_github_v5 branch from 5a0c5c3 to ab5ff4e Compare October 28, 2024 14:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@greedy52