cmd,internal,feature: add workload identity support to gitops pusher

Add support for authenticating the gitops-pusher using workload identity
federation.

Updates https://github.com/tailscale/corp/issues/34172

Signed-off-by: Mario Minardi <mario@tailscale.com>
Mario Minardi
2025-12-17 09:49:34 -07:00
committed by Mario Minardi
parent 3e45e5b420
commit 4c37141ab7
3 changed files with 84 additions and 40 deletions
@@ -24,6 +24,7 @@ import (
func init() {
feature.Register("identityfederation")
tailscale.HookResolveAuthKeyViaWIF.Set(resolveAuthKey)
tailscale.HookExchangeJWTForTokenViaWIF.Set(exchangeJWTForToken)
}
// resolveAuthKey uses OIDC identity federation to exchange the provided ID token and client ID for an authkey.
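Review bot: In init(), the `tailscale.HookExchangeJWTForTokenViaWIF.Set(exchangeJWTForToken)` registration has nothing next to it saying which caller consumes it or how it differs from the `HookResolveAuthKeyViaWIF` hook on the line above. A one-line comment noting that this hook serves the gitops-pusher token exchange, as opposed to authkey resolution, would help the next reader. Both hooks are only set when this feature package is linked into the binary, so the call site (not visible in this hunk) should check that the hook is set and return a clear error when it is not, rather than assuming it is present.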