Here is the by default config defined within the OpenShift Master Config file using as Authentication mode : anypassword
This config requires additional parameters when we configure an IdentityProvider
To support to configure an Identity Provider, it will be required to define at least 7 keys :
- ca file
- clientId
- clientSecret
- urls - authorize
- urls - token
- urls - userInfo
- logoutUrl
...
We can define additional parameters/env variables within the Vagrant file to configure this YAML config used to setup the Master Config file of OpenShift but I would like to suggest that we externalise our parameters within a YAML config file parsed by Vagrant as such
Example :
require 'yaml'
settings = YAML.load_file 'vagrant.yml'
...
$vmMemory = settings['FABRIC8_VM_MEMORY']
$vmName = settings['FABRIC8_VM_NAME']
$identityProvider = settings['OPENSHIFT_IDENTITY_PROVIDER']
$identityProviderConfig = settings['OPENSHIFT_IDENTITY_PROVIDER_CONFIG']
and
FABRIC8_VM_MEMORY : 4096
FABRIC8_VM_NAME : fabric8-openshift
OPENSHIFT_IDENTITY_PROVIDER : anypassword, keycloak, ....
OPENSHIFT_IDENTITY_PROVIDER_CONFIG : >
identityProviders:
- challenge: true
login: true
name: keycloak
provider:
apiVersion: v1
kind: OpenIDIdentityProvider
ca: ca.crt
clientID: openshift
clientSecret: fbde8b27-3342-4494-b3a3-7db645e9dfe5
claims:
id:
- sub
preferredUsername:
- preferred_username
name:
- name
email:
- email
urls:
What do you think about this suggestion ?
Regards,
Charles