Skip to content

Commit 9a5e221

Browse files
authored
Merge pull request #273 from metal-stack/edit-hmacs
feat: add support for non-Admin HMACs
1 parent d143cb7 commit 9a5e221

File tree

3 files changed

+11
-3
lines changed

3 files changed

+11
-3
lines changed

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,7 @@ contexts:
8787
client_id: metal_client
8888
client_secret: 456
8989
hmac: YOUR_HMAC
90+
hmacAuthType: THE_AUTH_TYPE_OF_YOUR_HMAC # Metal-Admin, Metal-Edit or Metal-View
9091
```
9192
9293
Optional you can specify `issuer_type: generic` if you use other issuers as Dex, e.g. Keycloak (this will request scopes `openid,profile,email`):

cmd/root.go

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -203,6 +203,11 @@ func initConfigWithViperCtx(c *config) error {
203203
if hmacKey == "" && ctx.HMAC != nil {
204204
hmacKey = *ctx.HMAC
205205
}
206+
hmacAuthType := viper.GetString("hmac-auth-type")
207+
if hmacAuthType == "" && ctx.HMACAuthType != "" {
208+
hmacAuthType = ctx.HMACAuthType
209+
}
210+
206211
apiToken := viper.GetString("api-token")
207212

208213
// if there is no api token explicitly specified we try to pull it out of the kubeconfig context
@@ -215,7 +220,7 @@ func initConfigWithViperCtx(c *config) error {
215220
}
216221
}
217222

218-
client, err := metalgo.NewDriver(driverURL, apiToken, hmacKey)
223+
client, err := metalgo.NewDriver(driverURL, apiToken, hmacKey, metalgo.AuthType(hmacAuthType))
219224
if err != nil {
220225
return err
221226
}

pkg/api/context.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,11 +25,13 @@ type Context struct {
2525
ClientID string `yaml:"client_id"`
2626
ClientSecret string `yaml:"client_secret"`
2727
HMAC *string `yaml:"hmac"`
28+
HMACAuthType string `yaml:"hmac_auth_type,omitempty"`
2829
}
2930

3031
var defaultCtx = Context{
31-
ApiURL: "http://localhost:8080/cloud",
32-
IssuerURL: "http://localhost:8080/",
32+
ApiURL: "http://localhost:8080/cloud",
33+
IssuerURL: "http://localhost:8080/",
34+
HMACAuthType: "Metal-Admin",
3335
}
3436

3537
func GetContexts() (*Contexts, error) {

0 commit comments

Comments
 (0)