From b0e84db1ee812b27117b3dd662103e8c9178822f Mon Sep 17 00:00:00 2001 From: Student User <student@workstation.lab.example.com> Date: Tue, 07 Jul 2020 18:14:59 +0200 Subject: [PATCH] initial --- config/project-leaders.yaml | 6 ++++++ config/kustomization.yaml | 11 +++++++++++ config/htpasswd-secret-data | 3 +++ config/oauth.yaml | 14 ++++++++++++++ config/self-provisioners.yaml | 14 ++++++++++++++ 5 files changed, 48 insertions(+), 0 deletions(-) diff --git a/config/htpasswd-secret-data b/config/htpasswd-secret-data new file mode 100644 index 0000000..5efe028 --- /dev/null +++ b/config/htpasswd-secret-data @@ -0,0 +1,3 @@ +admin:$apr1$7YEkhvEe$mb3kTDJNcArX8JBs0zHSI. +developer:$apr1$bqT3hyf5$6APg0X7rBYzHs1eU4n1pX/ +testuser:$apr1$m2dUk.Kv$zr4z1IPsETNscgSfviZEG0 diff --git a/config/kustomization.yaml b/config/kustomization.yaml new file mode 100644 index 0000000..5734617 --- /dev/null +++ b/config/kustomization.yaml @@ -0,0 +1,11 @@ +resources: +- oauth.yaml +- project-leaders.yaml +- self-provisioners.yaml +secretGenerator: +- name: htpasswd-secret + namespace: openshift-config + files: + - htpasswd=htpasswd-secret-data +generatorOptions: + disableNameSuffixHash: true diff --git a/config/oauth.yaml b/config/oauth.yaml new file mode 100644 index 0000000..f690771 --- /dev/null +++ b/config/oauth.yaml @@ -0,0 +1,14 @@ +apiVersion: config.openshift.io/v1 +kind: OAuth +metadata: + annotations: + release.openshift.io/create-only: "true" + name: cluster +spec: + identityProviders: + - htpasswd: + fileData: + name: htpasswd-secret + mappingMethod: claim + name: htpasswd_provider + type: HTPasswd diff --git a/config/project-leaders.yaml b/config/project-leaders.yaml new file mode 100644 index 0000000..608e0d3 --- /dev/null +++ b/config/project-leaders.yaml @@ -0,0 +1,6 @@ +apiVersion: user.openshift.io/v1 +kind: Group +metadata: + name: project-leaders +users: + - developer diff --git a/config/self-provisioners.yaml b/config/self-provisioners.yaml new file mode 100644 index 0000000..8a88f3c --- /dev/null +++ b/config/self-provisioners.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "false" + name: self-provisioners +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: self-provisioner +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: project-leaders -- Gitblit v1.9.3