diff options
author | Vincent Ambo <mail@tazj.in> | 2021-12-25T21·46+0300 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2021-12-26T00·10+0000 |
commit | 738cca62c1c4b5297d636fc331cd49bd82eaa0a6 (patch) | |
tree | 90f3720d66f570680e95e3f49dfc3c751c6a49b3 | |
parent | 798b439c4bec6f03f17c86e4d689aad69b79a7cc (diff) |
feat(monorepo-gerrit): Configure for Keycloak compatibility r/3410
Change-Id: Ic3fce02b071c09cf03e652510f16bafb795a5a1d Reviewed-on: https://cl.tvl.fyi/c/depot/+/4614 Autosubmit: tazjin <mail@tazj.in> Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: grfn <grfn@gws.fyi>
-rw-r--r-- | ops/modules/monorepo-gerrit.nix | 11 | ||||
-rw-r--r-- | ops/secrets/gerrit-secrets.age | bin | 835 -> 828 bytes |
2 files changed, 6 insertions, 5 deletions
diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix index 30caa984d706..6638f30b3f9f 100644 --- a/ops/modules/monorepo-gerrit.nix +++ b/ops/modules/monorepo-gerrit.nix @@ -94,12 +94,13 @@ in { html = "<a href=\"https://cl.tvl.fyi/$1\">cl/$1</a>"; }; - # Configures integration with CAS, which then integrates with a variety - # of backends. + # Configures integration with Keycloak, which then integrates with a + # variety of backends. auth.type = "OAUTH"; - plugin.gerrit-oauth-provider-cas-oauth = { - root-url = "https://login.tvl.fyi"; - client-id = "OAUTH-TVL-gerrit-Fv0d8Aizz5"; + plugin.gerrit-oauth-provider-keycloak-oauth = { + root-url = "https://auth.tvl.fyi"; + realm = "TVL"; + client-id = "gerrit"; # client-secret is set in /var/lib/gerrit/etc/secure.config. }; diff --git a/ops/secrets/gerrit-secrets.age b/ops/secrets/gerrit-secrets.age index 077f33f060b3..02a3c66b5369 100644 --- a/ops/secrets/gerrit-secrets.age +++ b/ops/secrets/gerrit-secrets.age Binary files differ |