Diffstat (limited to 'ops/keycloak/user_sources.tf')
-rw-r--r--ops/keycloak/user_sources.tf23
1 files changed, 23 insertions, 0 deletions
diff --git a/ops/keycloak/user_sources.tf b/ops/keycloak/user_sources.tf
index 3fde6e07cc..01307fff8d 100644
--- a/ops/keycloak/user_sources.tf
+++ b/ops/keycloak/user_sources.tf
@@ -2,6 +2,10 @@
 # information (either by accessing a system like LDAP or integration
 # through protocols like OIDC).
 
+variable "github_client_secret" {
+  type = string
+}
+
 resource "keycloak_ldap_user_federation" "tvl_ldap" {
   name                    = "tvl-ldap"
   realm_id                = keycloak_realm.tvl.id
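Review bot: The new `github_client_secret` variable is declared without `sensitive = true`, so Terraform will not redact the value if it is ever referenced outside an attribute the provider itself marks as sensitive (for example in an output or a derived expression shown in plan output). I would add `sensitive = true` and a `description = "OAuth client secret for the GitHub identity provider in Keycloak"` to the block. Note that the secret is still written in plain text to the Terraform state, so the state backend needs restricted access and encryption at rest; how the variable is supplied and where state lives is not visible in this hunk.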
@@ -19,3 +23,22 @@ resource "keycloak_ldap_user_federation" "tvl_ldap" {
     "organizationalPerson",
   ]
 }
+
+# keycloak_oidc_identity_provider.github will be destroyed
+# (because keycloak_oidc_identity_provider.github is not in configuration)
+resource "keycloak_oidc_identity_provider" "github" {
+  alias                 = "github"
+  provider_id           = "github"
+  client_id             = "6d7f8bb2e82bb6739556"
+  client_secret         = var.github_client_secret
+  realm                 = keycloak_realm.tvl.id
+  backchannel_supported = false
+  gui_order             = "1"
+  store_token           = false
+  sync_mode             = "IMPORT"
+  trust_email           = true
+
+  # These default to built-in values for the `github` provider_id.
+  authorization_url = ""
+  token_url         = ""
+}
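Review bot: `trust_email = true` makes Keycloak treat the e-mail address reported by GitHub as already verified, and this realm also federates users from `tvl-ldap`. Depending on the first-broker-login flow, which is not visible here, a GitHub identity carrying a matching address could be linked to an existing LDAP-backed account without Keycloak checking ownership of that address. Unless that linking is intended, I would set `trust_email = false`, or otherwise add a comment explaining why trusting the address is safe for this realm. Separately, the two comment lines above the resource (`# keycloak_oidc_identity_provider.github will be destroyed` …) look like pasted `terraform plan` output and contradict the resource being declared; something like `# GitHub login via Keycloak's built-in github identity provider.` would describe it better.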