Investigate Dex from Argo CD (or keycloak) more for improved auth and permissions #1
Description
Dex is essentially middleware for auth that would let you accept a login from GitHub then let the user into all our tools rather than use per-tool setup. It may in some cases also allow for more powerful configuration. For instance in Jenkins the "GitHub OAuth" plugin powers a basic GitHub-oriented login but doesn't let you get very granular about access - either you're an admin or you could possibly allow for a hodge podge of matching repo-access to levels of access to associated jobs in Jenkins. With Dex you should be able to use a different Jenkins auth strategy that's more granular while Dex lets that be fronted by any number of actual logins (like GitHub)
This isn't particularly high priority but I played with it some and got it working to a point. Just needs more time but other priorities are ahead of it.
Edit: Or just Keycloak instead - have had a POC running