Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: service accounts #383

Merged
merged 99 commits into from
Nov 24, 2024
Merged

feat: service accounts #383

merged 99 commits into from
Nov 24, 2024

Conversation

rohan-chaturvedi
Copy link
Member

@rohan-chaturvedi rohan-chaturvedi commented Oct 21, 2024

🔍 Overview

Currently, programmatic access to secrets in Phase can be achieved primarily via Service Tokens. These have significant limitations:

  • Cannot be restricted in their permissions (read, write, delete, etc)
  • Limited to a single app
  • Cannot be restricted to a path / folder
  • Cannot be used directly with third-party programmatic authentication schemes, such as AWS auth, Kubernetes auth, etc

💡 Proposed Changes

Add service accounts to allow for more sophisticated workflows around programmatic secret management. Service accounts are the machine equivalent of human users, and operate in much the same way:

  • Secured with encryption keys unique to each account
  • Can be granted access to multiple apps and envs, just like human users
  • Can be assigned a role to restrict access to resources and actions (ex: only allow a service account Secrets:read permission)

Service accounts also lays the foundation for more sophisticated authentication and access control, including third-party auth, path-based access, IP-base access and other features that we will be shipping in the near future

🖼️ Screenshots or Demo

Screenshot From 2024-11-19 18-42-13

Screenshot From 2024-11-19 18-43-49

Screenshot From 2024-11-19 18-44-07

Screenshot From 2024-11-19 18-50-03

📝 Release Notes

Added Service accounts

💚 Did You...

  • Ensure linting passes (code style checks)?
  • Update dependencies and lockfiles (if required)
  • Regenerate graphql schema and types (if required)
  • Verify the app builds locally?
  • Manually test the changes on different browsers/devices?

rohan-chaturvedi and others added 30 commits October 20, 2024 14:44
@rohan-chaturvedi rohan-chaturvedi marked this pull request as ready for review November 19, 2024 13:29
rohan-chaturvedi and others added 3 commits November 19, 2024 19:03
* feat: added sidebar state local storage context util

* feat: collapsible sidebar

* feat: sidebar provider in providers

* fix: misc updates to smooth transitions between states

* feat: misc tweaks to orgs menu

* fix: load stored state after component mount to prevent hydration mismatch

---------

Co-authored-by: Rohan <[email protected]>
nimish-ks
nimish-ks previously approved these changes Nov 21, 2024
@nimish-ks nimish-ks self-assigned this Nov 21, 2024
* feat: consolidate seat quota logic

* feat: misc updates to plan info display

* refactor: org seat usage types

* fix: misc copy and ui updates

* feat: remove feature list on self-hosted
@rohan-chaturvedi rohan-chaturvedi merged commit 4a9920d into main Nov 24, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants