From 472f727c24ec809139bbf6f2a1076f86f25b1b02 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@tvl.su>
Date: Thu, 15 Feb 2024 18:44:32 +0700
Subject: fix(ops/gerrit): mitigate Quarkus temporarily

Keycloak has a new thing going on: Wildfly (whatever that is) is out,
and Quarkus (whatever that is) is in.

https://www.keycloak.org/migration/migrating-to-quarkus

This breaks our stuff, however, so we're using the Gerrit OAuth
plugins recommendations for how to work around that:

https://gerrit.googlesource.com/plugins/oauth/+/8d467e99457466c71eb0ca9e661dd433f03a0123%5E%21/#F1

Change-Id: I2391a89c6791015e66c5e480b905b6ee56663020
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10905
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
---
 ops/modules/monorepo-gerrit.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ops')

diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix
index af53d99d0a..b335fe61d5 100644
--- a/ops/modules/monorepo-gerrit.nix
+++ b/ops/modules/monorepo-gerrit.nix
@@ -101,7 +101,7 @@ in
       # variety of backends.
       auth.type = "OAUTH";
       plugin.gerrit-oauth-provider-keycloak-oauth = {
-        root-url = "https://auth.tvl.fyi";
+        root-url = "https://auth.tvl.fyi/auth";
         realm = "TVL";
         client-id = "gerrit";
         # client-secret is set in /var/lib/gerrit/etc/secure.config.
-- 
cgit 1.4.1