about summary refs log tree commit diff
path: root/ops/secrets/tf-keycloak.age
AgeCommit message (Collapse)AuthorFilesLines
2024-09-01 r/8634 fix(ops/keycloak): update client ID and client secretFlorian Klink1-0/+0
This points to a "GitHub App" now ("https://github.com/organizations/tvlfyi/settings/apps"), rather than an "OAuth App" ("https://github.com/organizations/tvlfyi/settings/applications"). Apparently this makes a big difference, and we should be using a "GitHub App", not an "OAuth App". The defails on why are in https://github.com/keycloak/keycloak/issues/9429#issuecomment-1578953468 The App can be configured at https://github.com/organizations/tvlfyi/settings/apps/tvl-keycloak . With this, we should get rid of spurious Exceptions with some GitHub users trying to log in, hopefully fixing https://b.tvl.fyi/issues/201. Change-Id: I25d0d6cd1b05ad54ed3d760d3a48ce1f430c0e7d Reviewed-on: https://cl.tvl.fyi/c/depot/+/12413 Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-02-01 r/5810 feat(ops/secrets): add flokli to terraform secrets accessVincent Ambo1-0/+0
Change-Id: I9ede20028560f2da0fef89dfe431609c21bda51c Reviewed-on: https://cl.tvl.fyi/c/depot/+/8005 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2022-09-20 r/4930 feat(ops/keycloak): import github identity provider configurationVincent Ambo1-0/+0
For some reason Terraform decided that it would otherwise like to *delete* this configuration, which is undesirable. Note that there is a "magic" special behaviour when the `alias` and `provider_id` are set to the name of a built-in supported provider (github, gitlab etc.), which lets us skip the authorization_url setup. Change-Id: Ib66154c2896dda162c57bdc2d7964a9fa4e15f20 Reviewed-on: https://cl.tvl.fyi/c/depot/+/6706 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2022-05-17 r/4092 chore(ops/secrets): add key for tazjin/zamalekVincent Ambo1-0/+0
Change-Id: Ieb2fe49a67940d7cfbd261edbe10d0a8577a466d Reviewed-on: https://cl.tvl.fyi/c/depot/+/5628 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2021-12-27 r/3471 fix(ops/keycloak): Move Terraform state to GleSYS bucketVincent Ambo1-12/+13
This should never sit around locally the way it does now. Change-Id: Icfbdaf1949d6d948a796a0759282ea6144af3621 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4709 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3470 feat(ops/secrets): Add tf-keycloak secrets fileVincent Ambo1-0/+13
This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>