terraform-provider-flux

Expanding Authentication Support for GitHub

Open mcantinqc opened this issue 11 months ago • 3 comments

The latest version of FluxCD provider has limited authentication options, allowing only SSH key or Username/Password for git authentication. In contrast, the previous version allowed us to utilize any provider of our preference, such as the official GitHub provider (https://registry.terraform.io/providers/integrations/github/latest/docs), which supported GitHub-specific authentication methods like PAT or app_auth.

The absence of support for these GitHub-specific authentication methods is seen as a step backward for me.

mcantinqc avatar Jul 12 '23 19:07 mcantinqc

A potential workaround could involve the following steps:

  • Generate a deploy key using both the TLS provider and the GitHub provider.
  • Utilize the newly created deploy key with the Flux provider.
  • Either disregard the presence of the redundant deploy key or attempt to configure the Flux provider to utilize it. However, this may require using the kubectl or kubernetes provider to create the namespace and secret, and it remains uncertain whether this approach will be successful.

While this workaround remains feasible, it introduces additional complexity compared to the previous method.

mcantinqc avatar Jul 12 '23 20:07 mcantinqc

You can pass the deploy key (SSH private key file) that you’ve generated with the GitHub provider to Flux and it will create the secret for you.

stefanprodan avatar Jul 13 '23 07:07 stefanprodan
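The deploy-key workaround discussed in the two comments above, written out as an added example; it is not code posted by anyone in this thread or taken from the project. It assumes the 1.x Flux provider schema, and the variable names, kubeconfig path, key title and cluster path are illustrative.

```hcl
terraform {
  required_providers {
    flux   = { source = "fluxcd/flux" }
    github = { source = "integrations/github" }
    tls    = { source = "hashicorp/tls" }
  }
}

variable "github_org" { type = string }        # assumed variable name
variable "github_repository" { type = string } # assumed variable name

# The GitHub provider authenticates however the pipeline already does
# (PAT via GITHUB_TOKEN, or app_auth); that identity must be allowed to
# manage deploy keys on the repository.
provider "github" {
  owner = var.github_org
}

# The private key is stored in Terraform state in plain text, so the state
# backend has to be protected like any other secret store.
resource "tls_private_key" "flux" {
  algorithm   = "ECDSA"
  ecdsa_curve = "P256"
}

# Bootstrap commits the Flux manifests to the repository, so the key
# cannot be read-only. It is scoped to this one repository.
resource "github_repository_deploy_key" "flux" {
  title      = "flux" # illustrative title
  repository = var.github_repository
  key        = tls_private_key.flux.public_key_openssh
  read_only  = false
}

provider "flux" {
  kubernetes = {
    config_path = "~/.kube/config" # assumed kubeconfig location
  }
  git = {
    url = "ssh://git@github.com/${var.github_org}/${var.github_repository}.git"
    ssh = {
      username    = "git"
      private_key = tls_private_key.flux.private_key_pem
    }
  }
}

# The provider creates the Git secret in the cluster from the key above.
resource "flux_bootstrap_git" "this" {
  depends_on = [github_repository_deploy_key.flux]
  path       = "clusters/example" # illustrative path
}
```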

Those are indeed workarounds. But our current pipeline has no permissions to generate deploy keys, and we'd like to keep it that way. So just being able to use tokens like we currently do would be useful.

TomBillietKlarrio avatar Aug 02 '23 11:08 TomBillietKlarrio

Hello @mcantinqc 👋

I hope all is well with you. I'm just contacting you as part of our initiative to ensure the quality and responsiveness of our project's issue tracking. Thank you for your previous contributions by reporting issues you've encountered; your engagement is invaluable to the health and progress of our project.

I've reviewed the issue you reported and noted that it involves using supported resources, which is great. However, I also noticed that there has been little activity on this issue lately. We understand that circumstances change and priorities shift, which may affect the urgency or relevance of an issue.

We're implementing a policy regarding inactive issues to keep our project's issue tracker effective and up-to-date. If there's no further activity on this issue within the next 3 weeks, we will mark it inactive and close it. This approach helps us maintain focus on current and actively pursued concerns, ensuring resources are well allocated.

That said, we are still very much interested in resolving the issue you've encountered. If the problem persists or if you have any new information that could help us address it, please don't hesitate to update the issue or comment. Your input could be crucial in finding a resolution. Alternatively, if the issue no longer affects you or has been resolved, let us know so we can close it with the right resolution.

We're here to support and work with you to overcome any challenges you face using our project. Your continued feedback and participation are essential to our community's success.

Thank you once again for your contribution. I look forward to your update and am here to assist with any further questions or issues you might have.

Best regards,

Steve

swade1987 avatar Apr 01 '24 18:04 swade1987

@mcantinqc I have created an example of using a PAT with the flux_bootstrap_git resource, available here. Does this resolve your issue, or are you looking for something else?

swade1987 avatar Apr 09 '24 17:04 swade1987