-
Notifications
You must be signed in to change notification settings - Fork 595
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mt-broker-filter: Allow only requests from Triggers Subscriptions OIDC ID #8147
mt-broker-filter: Allow only requests from Triggers Subscriptions OIDC ID #8147
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: creydr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #8147 +/- ##
==========================================
- Coverage 67.89% 67.75% -0.14%
==========================================
Files 368 370 +2
Lines 17571 17915 +344
==========================================
+ Hits 11930 12139 +209
- Misses 4893 5001 +108
- Partials 748 775 +27 ☔ View full report in Codecov by Sentry. |
9a249dc
to
5ba81fe
Compare
5ba81fe
to
897d9ee
Compare
Can't really do a unit test, as tokenVerifier can only run inside a cluster, and for an e2e test it is too implementation specific :/. So tested via the following:
with a token from the "default" service account:
and in the mt-broker-filter logs:
then with a token from the SA which is of the triggers subscription:
and in the mt-broker-filter logs:
|
/lgtm |
/test conformance-tests |
Fixes #7989
Proposed Changes
Release Note