Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(controller): add SkipImpersonationReview featuregate #422

Merged
merged 1 commit into from
Apr 26, 2024
Merged

feat(controller): add SkipImpersonationReview featuregate #422

merged 1 commit into from
Apr 26, 2024

Conversation

oliverbaehler
Copy link
Collaborator

With this feature you can disable the capsule proxy to review the impersonated properties. Scenarios where this might be relevant are describe in the issue: #420

It also fixes the other properties for the impersonation which were added with:

They should be also functional, no clue where these changes got lost :D

Closes #420 🍀

@oliverbaehler oliverbaehler added this to the 0.7.0 milestone Apr 11, 2024
prometherion
prometherion requested changes Apr 11, 2024
View reviewed changes
Copy link
Member

@prometherion prometherion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also in the main, let's highlight if the option is enabled and all the bad things that could happen with this option enabled: you must be aware of what you're doing.

Furthermore, don't you think we could introduce this as a FeatureGate? 🤔

@oliverbaehler oliverbaehler force-pushed the feat/skip-impersonation-rewview branch from 8ee20ae to 31df01f Compare April 11, 2024 15:19
@oliverbaehler oliverbaehler changed the title feat(controller): add --skip-impersonation-review option feat(controller): add SkipImpersonationReview featuregate Apr 11, 2024
@oliverbaehler oliverbaehler changed the title feat(controller): add SkipImpersonationReview featuregate feat(controller): add SkipImpersonationReview featuregate Apr 11, 2024
@oliverbaehler oliverbaehler self-assigned this Apr 11, 2024
@oliverbaehler oliverbaehler added the enhancement New feature or request label Apr 11, 2024
@maxgio92
Copy link
Collaborator

It would make sense @prometherion.
That would exponentially reduce the probability to disable the review by mistake

@oliverbaehler oliverbaehler requested a review from maxgio92 April 15, 2024 11:53
@prometherion
Copy link
Member

prometherion commented Apr 25, 2024
edited
Loading

I think we can merge this, it's a +1 for me.

We also need efforts to document this on the Capsule documentation regarding the Proxy.

@maxgio92
Copy link
Collaborator

LGMT

@oliverbaehler oliverbaehler merged commit 1383d01 into projectcapsule:main Apr 26, 2024
8 of 10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maxgio92 maxgio92 maxgio92 approved these changes

@prometherion prometherion prometherion approved these changes

Assignees

@oliverbaehler oliverbaehler

Labels
enhancement New feature or request
Projects
None yet
Milestone
0.7.0
Development

Successfully merging this pull request may close these issues.

feat: option to skip impersonation review for proxy environments (teleport)
3 participants
@oliverbaehler @maxgio92 @prometherion