github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/boom/application/applications/monitoring/auth/github.go

github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/boom/application/applications/monitoring/auth/github.go (about)

     1  package auth
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/caos/orbos/pkg/secret/read"
     7  
     8  	github "github.com/caos/orbos/internal/operator/boom/api/latest/monitoring/auth/Github"
     9  )
    10  
    11  func GetGithubAuthConfig(spec *github.Auth) (map[string]string, error) {
    12  	clientID, err := read.GetSecretValueOnlyIncluster(spec.ClientID, spec.ExistingClientIDSecret)
    13  	if err != nil {
    14  		return nil, err
    15  	}
    16  
    17  	clientSecret, err := read.GetSecretValueOnlyIncluster(spec.ClientSecret, spec.ExistingClientSecretSecret)
    18  	if err != nil {
    19  		return nil, err
    20  	}
    21  
    22  	if clientID == "" || clientSecret == "" {
    23  		return nil, nil
    24  	}
    25  
    26  	teamIds := strings.Join(spec.TeamIDs, " ")
    27  	allowedOrganizations := strings.Join(spec.AllowedOrganizations, " ")
    28  
    29  	return map[string]string{
    30  		"enabled":               "true",
    31  		"allow_sign_up":         "true",
    32  		"client_id":             clientID,
    33  		"client_secret":         clientSecret,
    34  		"scopes":                "user:email,read:org",
    35  		"auth_url":              "https://github.com/login/oauth/authorize",
    36  		"token_url":             "https://github.com/login/oauth/access_token",
    37  		"api_url":               "https://api.github.com/user",
    38  		"team_ids":              teamIds,
    39  		"allowed_organizations": allowedOrganizations,
    40  	}, nil
    41  }