Skip to content

Instantly share code, notes, and snippets.

@evilUrge
Last active Jul 12, 2021
Embed
What would you like to do?
Add\remove user automatically to JFrog from a triggered github webhook call
exports.handler = async (event, context, callback) => {
const
baseJFrogURL = 'https://yourorg.jfrog.io/artifactory',
request = event.Records[0].cf.request,
body = request.body;
switch (body.action) {
case 'added':
const orgEmailAddress = useJeffUserQueryHere(body.member.login) // Your place to shine!
const payload = {
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": orgEmailAddress,
"active": true,
"internalPasswordDisabled": true,
"admin": true, // Need to figure out from where to fetch this one?
"emails": [
{
"value": orgEmailAddress,
"primary": true
}
],
"groups": [
"readers",
body.team.name, // As long as our names are the same!
`${body.team.name}-admin` // If admin!
],
}
const response = await fetch(`${baseJFrogURL}/api/v1/scim/v2/Users`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
}, body: JSON.stringify(payload),
}).then(res => res.ok ? res.json : false)
return callback(null, response);
case 'removed':
// Probably the same as above
break;
}
}
@cuperman

This comment has been minimized.

Copy link

@cuperman cuperman commented Jul 9, 2021

oh interesting idea. you want us to use github as the source of truth for our users, and automatically propagate users to our other cloud tools?

@evilUrge

This comment has been minimized.

Copy link
Owner Author

@evilUrge evilUrge commented Jul 12, 2021

Indeed, then again, as we're managing users via Azure-AD, maybe it makes more sense to trigger the same from AD based on the user's security groups

https://docs.microsoft.com/en-us/azure/active-directory-b2c/azure-monitor#62-create-a-workbook

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment