feat: github team target implementation (#53)

* feat: github team target implementation * feat: improve docs and test existing
bcgov-nr · Dec 4, 2024 · 9549b67 · 9549b67
1 parent fc838bb
commit 9549b67
Show file tree

Hide file tree

Showing 24 changed files with 1,144 additions and 1,026 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -1,6 +1,6 @@
 * text=auto
 
-/bin/run text eol=lf
+/bin/run.js text eol=lf
 *.js text eol=lf
 *.json text eol=lf
 *.md text eol=lf

diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -8,7 +8,7 @@
           "skipFiles": [
               "<node_internals>/**"
           ],
-          "program": "${workspaceFolder}/bin/dev",
+          "program": "${workspaceFolder}/bin/dev.js",
           "args": [
             "hello",
             "world",

diff --git a/README-dev.md b/README-dev.md
@@ -35,7 +35,7 @@ The built container can be substituted for the released container.
 The tool will not output much output by default. The console output can be tuned by setting the `DEBUG` environment variable.
 
 ```
-DEBUG=* ./bin/dev member-sync
-DEBUG=oclif:* ./bin/dev member-sync
-DEBUG=*Controller\|*Service ./bin/dev member-sync
+DEBUG=* ./bin/dev.js member-sync
+DEBUG=oclif:* ./bin/dev.js member-sync
+DEBUG=*Controller\|*Service ./bin/dev.js member-sync
 ```
diff --git a/README.md b/README.md
@@ -6,15 +6,30 @@ Auth Sync App does not setup the source systems or the target systems. You are r
 
 Auth Sync App does not directly grant user access. Instead, clients of the target systems are configured independely of interpret the role themselves. An OIDC target, for example, will have roles added or removed and those roles granted to users by Auth Sync App. It is up to the application to interpret the roles a user is granted appropriately. The client (application) may have its own tool (like the [Vault Sync App](https://github.com/bcgov-nr/vault-sync-app)) for managing on the application side of interpreting the roles received from OIDC.
 
- ### Supported Sources
+### Supported Sources
+
+Sources return a group of users for each role in the configuration.
 
 * [Broker](https://bcgov-nr.github.io/nr-broker/#/)
 * Static files
 
- ### Supported Targets
+### Supported Targets
+
+A target is kept in sync with the configured roles.
+
+#### BC Gov Common Hosted Single Sign-on (CSS)
+
+The CSS target lets you sync the roles and role membership of an integration.
+
+To use this target, you must have a CSS API Account with access to the integration you want to manage.
+
+See: [CSS Documentation](https://developer.gov.bc.ca/docs/default/component/css-docs/)
+
+#### GitHub
+
+The GitHub target lets you sync teams and team membership to a GitHub organization.
 
-* [BC Gov Common Hosted Single Sign-on (CSS)](https://developer.gov.bc.ca/docs/default/component/css-docs/)
-* GitHub Teams (in progress)
+To use this target, you must have a fine-grained PAT with read and write access to members in the organization.
 
 <!-- toc -->
 * [Auth Sync App](#auth-sync-app)
@@ -43,7 +58,7 @@ The general pattern is to call the following commands:
 
 * [generate](#authtool-generate) - Create a configuration file from a template (if necessary)
 * [role-sync](#authtool-role-sync) - Sync roles to target system
-* [member-sync](#authtool-member-sync) - Sync membership in OIDC roles to target system
+* [member-sync](#authtool-member-sync) - Sync membership in roles to target system
 
 The monitor command can be used to automate running this workflow.