Commit

Update terraform shizz
strideynet committed Nov 15, 2024
1 parent f947287 commit e8350f6
Showing 3 changed files with 46 additions and 0 deletions.
Expand Up @@ -111,6 +111,7 @@ Optional:
- `allow` (Attributes List) Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. (see [below for nested schema](#nested-schema-for-specgithuballow))
- `enterprise_server_host` (String) EnterpriseServerHost allows joining from runners associated with a GitHub Enterprise Server instance. When unconfigured, tokens will be validated against github.com, but when configured to the host of a GHES instance, then the tokens will be validated against host. This value should be the hostname of the GHES instance, and should not include the scheme or a path. The instance must be accessible over HTTPS at this hostname and the certificate must be trusted by the Auth Service.
- `enterprise_slug` (String) EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values.
- `static_jwks` (String) StaticJWKS disables fetching of the GHES signing keys via the JWKS/OIDC endpoints, and allows them to be directly specified. This allows joining from GitHub Actions in GHES instances that are not reachable by the Teleport Auth Server.

Check failure on line 114 in docs/pages/reference/terraform-provider/data-sources/provision_token.mdx

GitHub Actions / Lint docs prose style

[vale] reported by reviewdog 🐶 [messaging.consistent-terms] For consistent product messaging in the docs, use '\"Auth Service\" (or \"Auth Service instance\" for a specific node)' instead of 'Auth Server'. Raw Output: {"message": "[messaging.consistent-terms] For consistent product messaging in the docs, use '\\\"Auth Service\\\" (or \\\"Auth Service instance\\\" for a specific node)' instead of 'Auth Server'.", "location": {"path": "docs/pages/reference/terraform-provider/data-sources/provision_token.mdx", "range": {"start": {"line": 114, "column": 248}}}, "severity": "ERROR"}

### Nested Schema for `spec.github.allow`
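
Review bot: the added `static_jwks` entry ends with "not reachable by the Teleport Auth Server", while the `enterprise_server_host` entry two lines above it says "trusted by the Auth Service", and the vale check on this line fails on exactly that term; change it to "Auth Service". Because this option disables fetching of the signing keys, the description should also say that the configured keys have to be updated by hand when the GHES instance rotates them, since tokens signed with a new key would no longer validate against the static set.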

Expand Up @@ -145,6 +145,7 @@ Optional:
- `allow` (Attributes List) Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. (see [below for nested schema](#nested-schema-for-specgithuballow))
- `enterprise_server_host` (String) EnterpriseServerHost allows joining from runners associated with a GitHub Enterprise Server instance. When unconfigured, tokens will be validated against github.com, but when configured to the host of a GHES instance, then the tokens will be validated against host. This value should be the hostname of the GHES instance, and should not include the scheme or a path. The instance must be accessible over HTTPS at this hostname and the certificate must be trusted by the Auth Service.
- `enterprise_slug` (String) EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values.
- `static_jwks` (String) StaticJWKS disables fetching of the GHES signing keys via the JWKS/OIDC endpoints, and allows them to be directly specified. This allows joining from GitHub Actions in GHES instances that are not reachable by the Teleport Auth Server.

Check failure on line 148 in docs/pages/reference/terraform-provider/resources/provision_token.mdx

GitHub Actions / Lint docs prose style

[vale] reported by reviewdog 🐶 [messaging.consistent-terms] For consistent product messaging in the docs, use '\"Auth Service\" (or \"Auth Service instance\" for a specific node)' instead of 'Auth Server'. Raw Output: {"message": "[messaging.consistent-terms] For consistent product messaging in the docs, use '\\\"Auth Service\\\" (or \\\"Auth Service instance\\\" for a specific node)' instead of 'Auth Server'.", "location": {"path": "docs/pages/reference/terraform-provider/resources/provision_token.mdx", "range": {"start": {"line": 148, "column": 248}}}, "severity": "ERROR"}

### Nested Schema for `spec.github.allow`
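
Review bot: the `static_jwks` entry does not say what the string must contain or how it interacts with the neighbouring fields. The `enterprise_slug` entry spells out that it "cannot be specified if `enterprise_server_host` is specified"; `static_jwks` needs the same treatment: state the expected format of the value, and whether `enterprise_server_host` must, may or must not be set alongside it. The sentence is identical to the one in the data-source page and the commit also changes a generated schema file, so make the wording change (including the "Auth Server" term flagged by vale) in the description these files are generated from rather than in each file separately.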

44 changes: 44 additions & 0 deletions integrations/terraform/tfschema/token/types_terraform.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit e8350f6
