Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improvements to readme #86

Merged
merged 8 commits into from
Nov 2, 2023
Merged

Improvements to readme #86

merged 8 commits into from
Nov 2, 2023

Conversation

geofflamrock
Copy link
Collaborator

This PR makes some minor improvements to the readme, to better explain using OIDC and flesh out the examples a bit.

@geofflamrock geofflamrock requested a review from a team as a code owner October 27, 2023 00:52
@changeset-bot
Copy link

changeset-bot bot commented Oct 27, 2023
edited
Loading

⚠️ No Changeset found

Latest commit: 88123b0

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

dylanlerch
dylanlerch reviewed Oct 30, 2023
View reviewed changes
README.md Outdated
- Configure an OIDC identity that matches the GitHub Actions subject claim for your repository and workflow. See the [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#defining-trust-conditions-on-cloud-roles-using-oidc-claims) for examples of the subject claim.
- Create a [service account](https://oc.to/ServiceAccount) in Octopus with the permissions required. Note that OIDC is only support for service accounts, not user accounts.
- Configure an OIDC identity for the service account that matches the GitHub Actions subject claim for your repository and workflow. See the [Octopus OIDC documentation](https://oc.to/ServiceAccountOidcIdentities) for more information.
- Examples of the subject claims can be found in the [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#defining-trust-conditions-on-cloud-roles-using-oidc-claims).
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Link text could be more descriptive to be clearer when read out of context. https://dequeuniversity.com/tips/link-text

Potentially something like: GitHub OIDC claims documentation

dylanlerch
dylanlerch approved these changes Oct 30, 2023
View reviewed changes
Copy link

@dylanlerch dylanlerch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments on link text, but otherwise 👌.

@geofflamrock geofflamrock merged commit 400c628 into main Nov 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dylanlerch dylanlerch dylanlerch approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@geofflamrock @dylanlerch