From b0e84db1ee812b27117b3dd662103e8c9178822f Mon Sep 17 00:00:00 2001
From: Student User <student@workstation.lab.example.com>
Date: Tue, 07 Jul 2020 18:14:59 +0200
Subject: [PATCH] initial

---
 config/project-leaders.yaml   |    6 ++++++
 config/kustomization.yaml     |   11 +++++++++++
 config/htpasswd-secret-data   |    3 +++
 config/oauth.yaml             |   14 ++++++++++++++
 config/self-provisioners.yaml |   14 ++++++++++++++
 5 files changed, 48 insertions(+), 0 deletions(-)

diff --git a/config/htpasswd-secret-data b/config/htpasswd-secret-data
new file mode 100644
index 0000000..5efe028
--- /dev/null
+++ b/config/htpasswd-secret-data
@@ -0,0 +1,3 @@
+admin:$apr1$7YEkhvEe$mb3kTDJNcArX8JBs0zHSI.
+developer:$apr1$bqT3hyf5$6APg0X7rBYzHs1eU4n1pX/
+testuser:$apr1$m2dUk.Kv$zr4z1IPsETNscgSfviZEG0
diff --git a/config/kustomization.yaml b/config/kustomization.yaml
new file mode 100644
index 0000000..5734617
--- /dev/null
+++ b/config/kustomization.yaml
@@ -0,0 +1,11 @@
+resources:
+- oauth.yaml
+- project-leaders.yaml
+- self-provisioners.yaml
+secretGenerator:
+- name: htpasswd-secret
+  namespace: openshift-config
+  files:
+  - htpasswd=htpasswd-secret-data
+generatorOptions:
+  disableNameSuffixHash: true
diff --git a/config/oauth.yaml b/config/oauth.yaml
new file mode 100644
index 0000000..f690771
--- /dev/null
+++ b/config/oauth.yaml
@@ -0,0 +1,14 @@
+apiVersion: config.openshift.io/v1
+kind: OAuth
+metadata:
+  annotations:
+    release.openshift.io/create-only: "true"
+  name: cluster
+spec:
+  identityProviders:
+  - htpasswd:
+      fileData:
+        name: htpasswd-secret
+    mappingMethod: claim
+    name: htpasswd_provider
+    type: HTPasswd
diff --git a/config/project-leaders.yaml b/config/project-leaders.yaml
new file mode 100644
index 0000000..608e0d3
--- /dev/null
+++ b/config/project-leaders.yaml
@@ -0,0 +1,6 @@
+apiVersion: user.openshift.io/v1
+kind: Group
+metadata:
+  name: project-leaders
+users:
+  - developer
diff --git a/config/self-provisioners.yaml b/config/self-provisioners.yaml
new file mode 100644
index 0000000..8a88f3c
--- /dev/null
+++ b/config/self-provisioners.yaml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  annotations:
+    rbac.authorization.kubernetes.io/autoupdate: "false"
+  name: self-provisioners
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: self-provisioner
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+  kind: Group
+  name: project-leaders

--
Gitblit v1.9.3