diff --git a/client.go b/client.go index f86b966..a6739f9 100644 --- a/client.go +++ b/client.go @@ -34,6 +34,7 @@ type RootQueryType struct { EabCredentials []*EabCredential "json:\"eabCredentials\" graphql:\"eabCredentials\"" KeyBackups *KeyBackupConnection "json:\"keyBackups\" graphql:\"keyBackups\"" KeyBackup *KeyBackup "json:\"keyBackup\" graphql:\"keyBackup\"" + OidcToken *string "json:\"oidcToken\" graphql:\"oidcToken\"" RepositorySubscription *RepositorySubscription "json:\"repositorySubscription\" graphql:\"repositorySubscription\"" Subscriptions *RepositorySubscriptionConnection "json:\"subscriptions\" graphql:\"subscriptions\"" PlatformPlans []*PlatformPlan "json:\"platformPlans\" graphql:\"platformPlans\"" @@ -135,6 +136,8 @@ type RootMutationType struct { DestroyCluster *bool "json:\"destroyCluster\" graphql:\"destroyCluster\"" CreateKeyBackup *KeyBackup "json:\"createKeyBackup\" graphql:\"createKeyBackup\"" DeleteKeyBackup *KeyBackup "json:\"deleteKeyBackup\" graphql:\"deleteKeyBackup\"" + CreateTrustRelationship *OidcTrustRelationship "json:\"createTrustRelationship\" graphql:\"createTrustRelationship\"" + DeleteTrustRelationship *OidcTrustRelationship "json:\"deleteTrustRelationship\" graphql:\"deleteTrustRelationship\"" CreateCard *Account "json:\"createCard\" graphql:\"createCard\"" SetupIntent *SetupIntent "json:\"setupIntent\" graphql:\"setupIntent\"" DefaultPaymentMethod *bool "json:\"defaultPaymentMethod\" graphql:\"defaultPaymentMethod\"" 
@@ -393,6 +396,13 @@ type OIDCProvider struct { UserinfoEndpoint *string "json:\"userinfoEndpoint\" graphql:\"userinfoEndpoint\"" } "json:\"configuration\" graphql:\"configuration\"" } +type OidcTrustRelationshipFragment struct { + ID string "json:\"id\" graphql:\"id\"" + Issuer string "json:\"issuer\" graphql:\"issuer\"" + Trust string "json:\"trust\" graphql:\"trust\"" + Scopes []string "json:\"scopes\" graphql:\"scopes\"" + InsertedAt *string "json:\"insertedAt\" graphql:\"insertedAt\"" +} type PublicKeyFragment struct { ID string "json:\"id\" graphql:\"id\"" Content string "json:\"content\" graphql:\"content\"" @@ -635,6 +645,9 @@ type CreateStack struct { type CreateTest struct { CreateTest *TestFragment "json:\"createTest\" graphql:\"createTest\"" } +type CreateTrust struct { + CreateTrustRelationship *OidcTrustRelationshipFragment "json:\"createTrustRelationship\" graphql:\"createTrustRelationship\"" +} type CreateUpgrade struct { CreateUpgrade *struct { ID string "json:\"id\" graphql:\"id\"" @@ -661,6 +674,11 @@ type DeleteRepository struct { type DeleteShell struct { DeleteShell *CloudShellFragment "json:\"deleteShell\" graphql:\"deleteShell\"" } +type DeleteTrust struct { + DeleteTrustRelationship *struct { + ID string "json:\"id\" graphql:\"id\"" + } "json:\"deleteTrustRelationship\" graphql:\"deleteTrustRelationship\"" +} type DestroyCluster struct { DestroyCluster *bool "json:\"destroyCluster\" graphql:\"destroyCluster\"" } 
@@ -910,11 +928,15 @@ type Login struct { } type Me struct { Me *struct { - ID string "json:\"id\" graphql:\"id\"" - Email string "json:\"email\" graphql:\"email\"" - Demoing *bool "json:\"demoing\" graphql:\"demoing\"" + ID string "json:\"id\" graphql:\"id\"" + Email string "json:\"email\" graphql:\"email\"" + Demoing *bool "json:\"demoing\" graphql:\"demoing\"" + TrustRelationships *OidcTrustRelationshipFragment "json:\"trustRelationships\" graphql:\"trustRelationships\"" } "json:\"me\" graphql:\"me\"" } +type OidcToken struct { + OidcToken *string "json:\"oidcToken\" graphql:\"oidcToken\"" +} type PollLoginToken struct { LoginToken *struct { Jwt *string "json:\"jwt\" graphql:\"jwt\"" @@ -1548,6 +1570,33 @@ func (c *Client) CreateTest(ctx context.Context, name string, attrs TestAttribut return &res, nil } +const CreateTrustDocument = `mutation CreateTrust ($attributes: TrustRelationshipAttributes!) { + createTrustRelationship(attributes: $attributes) { + ... OidcTrustRelationshipFragment + } +} +fragment OidcTrustRelationshipFragment on OidcTrustRelationship { + id + issuer + trust + scopes + insertedAt +} +` + +func (c *Client) CreateTrust(ctx context.Context, attributes TrustRelationshipAttributes, httpRequestOptions ...client.HTTPRequestOption) (*CreateTrust, error) { + vars := map[string]interface{}{ + "attributes": attributes, + } + + var res CreateTrust + if err := c.Client.Post(ctx, "CreateTrust", CreateTrustDocument, &res, vars, httpRequestOptions...); err != nil { + return nil, err + } + + return &res, nil +} + const CreateUpgradeDocument = `mutation CreateUpgrade ($queue: String!, $repository: String!, $attributes: UpgradeAttributes!) { createUpgrade(queue: $queue, repositoryName: $repository, attributes: $attributes) { id 
@@ -1680,6 +1729,26 @@ func (c *Client) DeleteShell(ctx context.Context, httpRequestOptions ...client.H return &res, nil } +const DeleteTrustDocument = `mutation DeleteTrust ($id: ID!) { + deleteTrustRelationship(id: $id) { + id + } +} +` + +func (c *Client) DeleteTrust(ctx context.Context, id string, httpRequestOptions ...client.HTTPRequestOption) (*DeleteTrust, error) { + vars := map[string]interface{}{ + "id": id, + } + + var res DeleteTrust + if err := c.Client.Post(ctx, "DeleteTrust", DeleteTrustDocument, &res, vars, httpRequestOptions...); err != nil { + return nil, err + } + + return &res, nil +} + const DestroyClusterDocument = `mutation DestroyCluster ($domain: String!, $name: String!, $provider: Provider!) { destroyCluster(domain: $domain, name: $name, provider: $provider) } @@ -3811,8 +3880,18 @@ const MeDocument = `query Me { id email demoing + trustRelationships { + ... OidcTrustRelationshipFragment + } } } +fragment OidcTrustRelationshipFragment on OidcTrustRelationship { + id + issuer + trust + scopes + insertedAt +} ` func (c *Client) Me(ctx context.Context, httpRequestOptions ...client.HTTPRequestOption) (*Me, error) { 
@@ -3826,6 +3905,26 @@ func (c *Client) Me(ctx context.Context, httpRequestOptions ...client.HTTPReques return &res, nil } +const OidcTokenDocument = `query OidcToken ($provider: ExternalOidcProvider!, $token: String!, $email: String!) { + oidcToken(provider: $provider, idToken: $token, email: $email) +} +` + +func (c *Client) OidcToken(ctx context.Context, provider ExternalOidcProvider, token string, email string, httpRequestOptions ...client.HTTPRequestOption) (*OidcToken, error) { + vars := map[string]interface{}{ + "provider": provider, + "token": token, + "email": email, + } + + var res OidcToken + if err := c.Client.Post(ctx, "OidcToken", OidcTokenDocument, &res, vars, httpRequestOptions...); err != nil { + return nil, err + } + + return &res, nil +} + const PollLoginTokenDocument = `mutation PollLoginToken ($token: String!) { loginToken(token: $token) { jwt diff --git a/graph/models.graphql b/graph/models.graphql index 572cb53..60c80ff 100644 --- a/graph/models.graphql +++ b/graph/models.graphql @@ -247,4 +247,12 @@ fragment ChatMessageFragment on ChatMessage { role content name +} + +fragment OidcTrustRelationshipFragment on OidcTrustRelationship { + id + issuer + trust + scopes + insertedAt } \ No newline at end of file diff --git a/graph/users.graphql b/graph/users.graphql index 9c0eeac..9a607f2 100644 --- a/graph/users.graphql +++ b/graph/users.graphql @@ -1,5 +1,10 @@ query Me{ - me { id email demoing } + me { + id + email + demoing + trustRelationships { ...OidcTrustRelationshipFragment } + } } query GetLoginMethod($email: String!) { 
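Review bot: In the `Me` query of graph/users.graphql, `trustRelationships { ...OidcTrustRelationshipFragment }` is selected against a field that the schema/schema.graphql hunk declares as a single object (`trustRelationships: OidcTrustRelationship` on `User`), although the name is plural. The generated `Me` struct in client.go and `User` in models_gen.go therefore hold one pointer, so a caller auditing which issuers are trusted for an account can see at most one entry. If the server actually returns a list, decoding `Me` would presumably fail. Confirm against the server schema; if it is a list, declare `trustRelationships: [OidcTrustRelationship]` and regenerate so the Go fields become slices.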
@@ -81,4 +86,16 @@ query GetHelp($prompt: String!) { query Chat($history: [ChatMessageAttributes]) { chat(history: $history) { ...ChatMessageFragment } -} \ No newline at end of file +} + +mutation CreateTrust($attributes: TrustRelationshipAttributes!) { + createTrustRelationship(attributes: $attributes) { ...OidcTrustRelationshipFragment } +} + +mutation DeleteTrust($id: ID!) { + deleteTrustRelationship(id: $id) { id } +} + +query OidcToken($provider: ExternalOidcProvider!, $token: String!, $email: String!) { + oidcToken(provider: $provider, idToken: $token, email: $email) +} \ No newline at end of file diff --git a/models_gen.go b/models_gen.go index e060c65..dcae265 100644 --- a/models_gen.go +++ b/models_gen.go @@ -1389,6 +1389,15 @@ type OidcStepResponse struct { Consent *ConsentRequest `json:"consent"` } +type OidcTrustRelationship struct { + ID string `json:"id"` + Issuer string `json:"issuer"` + Trust string `json:"trust"` + Scopes []string `json:"scopes"` + InsertedAt *string `json:"insertedAt"` + UpdatedAt *string `json:"updatedAt"` +} + type OnboardingChecklist struct { Status *OnboardingChecklistState `json:"status"` Dismissed *bool `json:"dismissed"` @@ -2403,6 +2412,12 @@ type TestStepAttributes struct { Logs *string `json:"logs,omitempty"` } +type TrustRelationshipAttributes struct { + Issuer string `json:"issuer"` + Trust string `json:"trust"` + Scopes []string `json:"scopes,omitempty"` +} + type UpdatablePlanAttributes struct { Default *bool `json:"default,omitempty"` ServiceLevels []*ServiceLevelAttributes `json:"serviceLevels,omitempty"` 
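Review bot: The `OidcToken` query added at the end of graph/users.graphql takes an external `idToken` and returns a bare nullable `String`, and nothing on the operation says what that string is or when it is null. The generated `OidcToken.OidcToken` field in client.go is a `*string`, so callers must nil-check it before dereferencing. Judging by the names, both the input and the result are credentials that should stay out of logs and error messages. A comment above the operation would help, for example `# Exchanges a provider ID token for a token string; the result may be null. Treat both values as secrets.`, with the wording confirmed against the server behaviour.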
@@ -2514,17 +2529,18 @@ type User struct { // the groups attached to this user, only fetch this when querying an individual user Groups []*Group `json:"groups"` // the roles attached to this user, only fetch this when querying an individual user - BoundRoles []*Role `json:"boundRoles"` - Publisher *Publisher `json:"publisher"` - Account Account `json:"account"` - ImpersonationPolicy *ImpersonationPolicy `json:"impersonationPolicy"` - Invites []*Invite `json:"invites"` - Jwt *string `json:"jwt"` - HasInstallations *bool `json:"hasInstallations"` - Demoing *bool `json:"demoing"` - HasShell *bool `json:"hasShell"` - Avatar *string `json:"avatar"` - BackgroundColor *string `json:"backgroundColor"` + BoundRoles []*Role `json:"boundRoles"` + Publisher *Publisher `json:"publisher"` + Account Account `json:"account"` + ImpersonationPolicy *ImpersonationPolicy `json:"impersonationPolicy"` + TrustRelationships *OidcTrustRelationship `json:"trustRelationships"` + Invites []*Invite `json:"invites"` + Jwt *string `json:"jwt"` + HasInstallations *bool `json:"hasInstallations"` + Demoing *bool `json:"demoing"` + HasShell *bool `json:"hasShell"` + Avatar *string `json:"avatar"` + BackgroundColor *string `json:"backgroundColor"` // If a user has reached the demo project usage limit. Demoed *bool `json:"demoed"` Cards *CardConnection `json:"cards"` 
@@ -3119,6 +3135,45 @@ func (e DNSRecordType) MarshalGQL(w io.Writer) { fmt.Fprint(w, strconv.Quote(e.String())) } +type ExternalOidcProvider string + +const ( + ExternalOidcProviderGithubActions ExternalOidcProvider = "GITHUB_ACTIONS" +) + +var AllExternalOidcProvider = []ExternalOidcProvider{ + ExternalOidcProviderGithubActions, +} + +func (e ExternalOidcProvider) IsValid() bool { + switch e { + case ExternalOidcProviderGithubActions: + return true + } + return false +} + +func (e ExternalOidcProvider) String() string { + return string(e) +} + +func (e *ExternalOidcProvider) UnmarshalGQL(v interface{}) error { + str, ok := v.(string) + if !ok { + return fmt.Errorf("enums must be strings") + } + + *e = ExternalOidcProvider(str) + if !e.IsValid() { + return fmt.Errorf("%s is not a valid ExternalOidcProvider", str) + } + return nil +} + +func (e ExternalOidcProvider) MarshalGQL(w io.Writer) { + fmt.Fprint(w, strconv.Quote(e.String())) +} + type ImageGrade string const ( diff --git a/schema/schema.graphql b/schema/schema.graphql index b9bc843..10888bf 100644 --- a/schema/schema.graphql +++ b/schema/schema.graphql @@ -699,6 +699,10 @@ type Publisher { updatedAt: DateTime } +enum ExternalOidcProvider { + GITHUB_ACTIONS +} + type IncidentDelta { delta: Delta payload: Incident @@ -1495,6 +1499,12 @@ type GeoMetric { count: Int } +input TrustRelationshipAttributes { + issuer: String! + trust: String! + scopes: [String!] +} + input ShellCredentialsAttributes { aws: AwsShellCredentialsAttributes gcp: GcpShellCredentialsAttributes @@ -1720,6 +1730,10 @@ type RootMutationType { deleteKeyBackup(name: String!): KeyBackup + createTrustRelationship(attributes: TrustRelationshipAttributes!): OidcTrustRelationship + + deleteTrustRelationship(id: ID!): OidcTrustRelationship + createCard(source: String!, address: AddressAttributes): Account setupIntent(address: AddressAttributes): SetupIntent 
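Review bot: `input TrustRelationshipAttributes` in schema/schema.graphql adds `issuer`, `trust` and `scopes` without descriptions, and `scopes` is optional. In models_gen.go the matching field is tagged `json:"scopes,omitempty"`, so a nil or empty slice is dropped from the request, and what the server grants in that case is not visible in this diff. These fields appear to decide which external identity can obtain a token, so add schema descriptions stating the expected format of `trust` and the meaning of an omitted `scopes`, e.g. `"scopes granted through this relationship; omitted means <server default>"` with the placeholder filled in. If schema.graphql is synced from the server, the descriptions belong upstream.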
@@ -2180,6 +2194,8 @@ type RootQueryType { keyBackup(name: String!): KeyBackup + oidcToken(provider: ExternalOidcProvider!, idToken: String!, email: String!): String + repositorySubscription(id: ID!): RepositorySubscription subscriptions(after: String, first: Int, before: String, last: Int): RepositorySubscriptionConnection @@ -2419,6 +2435,26 @@ type VersionTag { updatedAt: DateTime } +type Upgrade { + id: ID! + type: UpgradeType + message: String + config: UpgradeConfig + repository: Repository + insertedAt: DateTime + updatedAt: DateTime +} + +type InviteEdge { + node: Invite + cursor: String +} + +type FileEdge { + node: File + cursor: String +} + type DeferredUpdate { id: ID! dequeueAt: DateTime @@ -2467,16 +2503,6 @@ type GroupedTagEdge { cursor: String } -type Upgrade { - id: ID! - type: UpgradeType - message: String - config: UpgradeConfig - repository: Repository - insertedAt: DateTime - updatedAt: DateTime -} - type PlanFeature { name: String! description: String! @@ -2497,16 +2523,6 @@ type VersionEdge { cursor: String } -type InviteEdge { - node: Invite - cursor: String -} - -type FileEdge { - node: File - cursor: String -} - "Possible cluster sources." enum Source { DEFAULT @@ -3646,6 +3662,8 @@ type User { impersonationPolicy: ImpersonationPolicy + trustRelationships: OidcTrustRelationship + invites: [Invite] jwt: String @@ -3711,6 +3729,15 @@ type UpgradeQueueDelta { payload: UpgradeQueue } +type OidcTrustRelationship { + id: ID! + issuer: String! + trust: String! + scopes: [String!] + insertedAt: DateTime + updatedAt: DateTime +} + scalar Map type Group {