Home Explore Help
Sign In
Tailscale
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

cmd/gitops-pusher: fix precedence when id token env var is empty

Fix precedence logic to skip federated identity logic when the
associated environment variables are empty.

Updates https://github.com/tailscale/gitops-acl-action/issues/71

Signed-off-by: Mario Minardi <[email protected]>
Mario Minardi 1 month ago
parent
03461ea7fb
commit
b4d39e2fd9
1 changed files with 1 additions and 1 deletions
Unified View Show Diff Stats
  1. 1 1
      cmd/gitops-pusher/gitops-pusher.go

+ 1 - 1
cmd/gitops-pusher/gitops-pusher.go
View File 

@@ -252,7 +252,7 @@ func getCredentials() (*http.Client, string) {
 
 				TokenURL:     fmt.Sprintf("https://%s/api/v2/oauth/token", *apiServer),
 
 				TokenURL:     fmt.Sprintf("https://%s/api/v2/oauth/token", *apiServer),
 
 			}
 
 			}
 
 			client = oauthConfig.Client(context.Background())
 
 			client = oauthConfig.Client(context.Background())
 
-		} else if idok {
 
+		} else if idok && idToken != "" && oiok && oauthId != "" {
 
 			if exchangeJWTForToken, ok := tailscale.HookExchangeJWTForTokenViaWIF.GetOk(); ok {
 
 			if exchangeJWTForToken, ok := tailscale.HookExchangeJWTForTokenViaWIF.GetOk(); ok {
 
 				var err error
 
 				var err error
 
 				apiKeyEnv, err = exchangeJWTForToken(context.Background(), fmt.Sprintf("https://%s", *apiServer), oauthId, idToken)
 
 				apiKeyEnv, err = exchangeJWTForToken(context.Background(), fmt.Sprintf("https://%s", *apiServer), oauthId, idToken)