M.Y

icon indicating a website link https://m0rosan.gitlab.io/readme/

icon company @cloudwego

Results 15 issues of M.Y

token TTL

token TTL implementation is not great. this is because GitLab doesn't implement custom token expiry in minutes/hours. token always expire at midnight UTC. https://gitlab.com/gitlab-org/gitlab/-/issues/335535

run acceptance test in CI

it currently only runs unit test. we need to run acceptance test in CI self-hosted gitlab and isolated vault instance in docker

CLI to work with CI_JOB_JWT

continuing from #16, instead of scripts, create CLIs to facilitate 1. vault resource creation - roles and policies 2. script in a job that authenticate with vault with CI_JOB_JWT then...

enhancement

Instruction with GitLab CI_JOB_JWT

creating instruction how to setup project with CI_JOB_JWT with secure manner 1. setting up vault instance with gitlab 2. vault resource and policy that only configured project can hit specific...

documentation
good first issue

SPIKE: feasibility with native gitlab vault support

gitlab natively supports vault in ci yaml. https://docs.gitlab.com/ee/ci/yaml/#secretsvault https://docs.gitlab.com/ee/ci/secrets/ check detailed implementation of it and feasibility of using this secrets backend instead of kv document if it's possible or not