draft: add TTL parameter

vasil-cf · vasil-cf · commit 57e235ef5d76 · 2025-06-18T18:18:26.000+04:00
diff --git a/incubating/obtain-oidc-id-token/step.yaml b/incubating/obtain-oidc-id-token/step.yaml
@@ -1,7 +1,7 @@
 version: '1.0'
 kind: step-type
 metadata:
-  version: 1.2.3
+  version: 1.3.0
   name: obtain-oidc-id-token
   description: >-
     Obtain ID token from Codefresh OIDC Provider
@@ -84,6 +84,10 @@ spec:
            "AUDIENCE": {
                "type": "string",
                "description": "the audience of the ID token. For multiple audiences, use a comma-separated list. Defaults to the address of the Codefresh platform instance (For SaaS, https://g.codefresh.io)"
+           },
+           "TTL": {
+               "type": "number",
+               "description": "TODO"
            }
         }
     }
@@ -111,23 +115,47 @@ spec:
       shell: bash
       environment:
         - 'AUDIENCE=${{AUDIENCE}}'
+        - 'TTL=${{TTL}}'
       commands:
         - |
           URL="$CF_OIDC_REQUEST_URL"
           
+          echo "vasil url: ${URL}"
+          
           # This means that audience was provided by the user
           if [ -z "$(echo "$AUDIENCE" | grep '${{AUDIENCE')" ]; then
             ENCODED_AUDIENCE=$(echo -n "$AUDIENCE" | jq -s -R -r '@uri')
             URL="$URL?audience=$ENCODED_AUDIENCE"
           fi
           
+          # This means that audience was provided by the user
+          if [ -z "$(echo "$TTL" | grep '${{TTL')" ]; then
+            # ENCODED_AUDIENCE=$(echo -n "$AUDIENCE" | jq -s -R -r '@uri')
+            
+            # TODO: don't use ? if audience was already added
+            URL="$URL?ttl=$TTL"
+          fi
+          
+          echo "vasil url: ${URL}"
+          
           RESPONSE=$(curl -H "Authorization: $CF_OIDC_REQUEST_TOKEN" "$URL")
+          
+          echo "vasil response: ${RESPONSE}"
+          
           ID_TOKEN=$(echo "$RESPONSE" | jq -r ".id_token")
           
+          echo "vasil token: ${ID_TOKEN}"
+          
           if [ -z "$ID_TOKEN" ] || [ "$ID_TOKEN" = "null" ]; then
+            echo "vasil exit flow"
+            
             echo "Failed to obtain ID token; API response:"
             echo "$RESPONSE"
             exit 1
           fi
           
+          echo "vasil before cf_export"
+          
           cf_export ID_TOKEN=$ID_TOKEN --mask
+          
+          echo "vasil after cf_export"
