Skip to content

feat: option to restrict org creation#2290

Merged
migmartri merged 9 commits into
chainloop-dev:mainfrom
migmartri:2270-orgs-cretion
Jul 28, 2025
Merged

feat: option to restrict org creation#2290
migmartri merged 9 commits into
chainloop-dev:mainfrom
migmartri:2270-orgs-cretion

Conversation

@migmartri

Copy link
Copy Markdown
Member

This PR adds a new setting in the controlplane config to restrict the creation of orgs to instance administrators, it includes

  • configuration setting
  • new role org:instance:admin associated with a new org creation policy
  • enforcement logic (if the setting is enabled) in the org creation service handler
  • exposure of this feature being enabled in the infoz endpoint.

This is the error you get if you try to create an org and it's disabled and you are not admin

ERR creation of organizations is restricted to instance admins
exit status 1

Closes #2270

Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri requested review from javirln and jiparis July 26, 2025 22:32
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri marked this pull request as draft July 27, 2025 23:32
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri marked this pull request as ready for review July 27, 2025 23:45
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>

@jiparis jiparis left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, just a nit comment.

Comment thread app/controlplane/internal/service/organization.go
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri merged commit ad68570 into chainloop-dev:main Jul 28, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

configure who can create orgnanizations

2 participants