github: use GraphQL API to reduce number of API calls for directory sync (#2715)

* github: use GraphQL API to reduce number of API calls for directory sync

* fix id encoding

* github: use slug instead of id, update upgrading.md

* Update docs/docs/upgrading.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
This commit is contained in:
Caleb Doxsey 2021-10-27 11:50:48 -06:00 committed by GitHub
parent d390e80b30
commit 99b905a336
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 499 additions and 204 deletions

View file

@ -12,6 +12,9 @@ The deprecated `headers` option has been removed. Use [`set_response_headers`](/
The `signing_key_algorithm` option has been removed and will now be inferred from `signing_key`.
### Changed GitHub Team IDs
To improve performance, IdP directory synchronization for GitHub now uses the GraphQL API. This API returns the same information as the REST API, except that the GraphQL node IDs are different. Where we previously used the team integer ID from the REST API, we now use the team slug instead. Most policies should already use the team slug for group based rules, which should continue to work. However, if the integer ID is used it will no longer work. Update those policies to use the team slug instead.
# Since 0.14.0
## Breaking