mirror of
https://github.com/sourcegraph/sourcegraph.git
synced 2026-02-06 20:31:48 +00:00
c4c375a642
They should not be used outside of cmd/frontend, so making it a frontend internal package. While doing that, I realized that there is a coupling dependency between authz providers and auth (which is authN) providers: GitLab code host connections can do authz mapping via the usernames of another OIDC or SAML auth provider (https://sourcegraph.com/docs/admin/code_hosts/gitlab#administrator-sudo-level-access-token). It turns out this feature does not work anymore, since at least several releases, because we don't actually instantiate auth providers outside of `cmd/frontend` and thus the mapping will never find anything (auth providers don't explode when queried before init, unlike authz). This only now became clear as I moved this code, and the dependency graph was broken, so that's a nice property of these cleanups I guess 😬 Since it doesn't seem to work for quite some time, I opted for removing it, and added a changelog entry about it. Not sure if that is sufficient, I raised a thread here: https://sourcegraph.slack.com/archives/C03K05FCRFH/p1721848436473209. This would've prevented this change and needed more refactoring as unfortunately we cannot map an auth provider by the conf type to a record in the `user_external_accounts` table and need to actually instantiate it. Test plan: Compiler doesn't complain, tests still pass. ## Changelog GitLab code host connections were [able to sync permissions by mapping Sourcegraph users to GitLab users via the username property of an external OIDC or SAML provider](https://sourcegraph.com/docs/admin/code_hosts/gitlab#administrator-sudo-level-access-token) that is shared across Sourcegraph and GitLab. This integration stopped working a long time ago, and it has been removed in this release. |
||
|---|---|---|
| .. | ||
| accountdata.go | ||
| BUILD.bazel | ||