feat: server_auth with Microsoft Workload Identity #906
Merged
levkk merged 18 commits intopgdogdev:mainfrom Apr 17, 2026
Merged
feat: server_auth with Microsoft Workload Identity #906levkk merged 18 commits intopgdogdev:mainfrom
levkk merged 18 commits intopgdogdev:mainfrom
Conversation
|
|
Collaborator
|
|
Collaborator
|
Apply this diff when you get a second: diff --git a/pgdog-config/src/util.rs b/pgdog-config/src/util.rs
index 64c10341..6e39d55d 100644
--- a/pgdog-config/src/util.rs
+++ b/pgdog-config/src/util.rs
@@ -1,6 +1,6 @@
use std::time::Duration;
-use rand::{distr::Alphanumeric, Rng};
+use rand::{distr::Alphanumeric, RngExt};
pub fn human_duration_optional(duration: Option<Duration>) -> String {
if let Some(duration) = duration { |
Contributor
Author
|
Applied the diff and verified with cargo check. The rand conflict seems resolved now. Thanks for the help with that |
levkk
reviewed
Apr 16, 2026
Collaborator
|
You should be able to run tests locally:
|
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
Collaborator
|
Kind of a bad day for our CI. I'll take a look at this later tonight / tomorrow to figure out what's going on. The code looks good, just getting the tests to pass now. |
levkk
added a commit
that referenced
this pull request
Apr 17, 2026
New crate versions in #906 require later compiler
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds support for Microsoft Workload Identity for server authentication on a per-user basis, following the existing pattern used for
rds_iam.Changes:
This is my first contribution in Rust! 🦀
I’ve done my best to follow the existing patterns in the codebase, but I'm still learning the nuances of the language. Please be indulgent. If there are more idiomatic ways to handle the logic, async calls, or error handling, I am very happy to make changes based on your feedback!
Note: I also created a PR on the helm chart (here) to allow users to add
azure.workload.identity/use: "true"label to the pod for injecting workload Identity.Here are some logs I tested this solution in AKS with Workload Identity directly injected into the pod:
