Skip to content

Commit 3731027

Browse files
themr0cthemr0c
authored
backport RHIDP-4248 Finish removing authentication sections from GSG (#634)
Signed-off-by: Fabrice Flore-Thébault <[email protected]>
1 parent dbaa984 commit 3731027

File tree

3 files changed

+25
-375
lines changed

3 files changed

+25
-375
lines changed

modules/authentication/proc-enabling-authentication-with-github.adoc

Lines changed: 25 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -55,17 +55,15 @@ TIP: If you plan to make changes using the GitHub API, ensure that `Read and wri
5555
+
5656
`AUTH_GITHUB_APP_ID`:: Enter the saved **App ID**.
5757
`AUTH_GITHUB_CLIENT_ID`:: Enter the saved **Client ID**.
58-
+
59-
Optional: enter additional secrets. The additional secrets are not required for authentication, but for further integration with GitHub, including:
60-
+
6158
`GITHUB_HOST_DOMAIN`:: Enter your GitHub host domain: `pass:c[https://github.com]` unless you are using GitHub Enterprise.
6259
`GITHUB_ORGANIZATION`:: Enter your GitHub organization name, such as `__<your_github_organization_name>__'.
6360
`GITHUB_ORG_URL`:: Enter `$GITHUB_HOST_DOMAIN/$GITHUB_ORGANIZATION`.
6461
`GITHUB_CLIENT_SECRET`:: Enter the saved **Client Secret**.
6562
`GITHUB_PRIVATE_KEY_FILE`:: Enter the saved **Private key**.
63+
`GITHUB_WEBHOOK_URL`:: Enter your {product-short} URL: `pass:c,a,q[{my-product-url}]`.
6664
`GITHUB_WEBHOOK_SECRET`:: Enter the saved *Webhook secret*.
6765

68-
. To set up the GitHub authentication provider in your {product-short} custom configuration, edit your custom {product-short} ConfigMap such as `app-config-rhdh`, and add the following lines to the `app-config-rhdh.yaml` content:
66+
. To set up the GitHub authentication provider and enable integration with the GitHub API in your {product-short} custom configuration, edit your custom {product-short} ConfigMap such as `app-config-rhdh`, and add the following lines to the `app-config-rhdh.yaml` content:
6967
+
7068
--
7169
.`app-config-rhdh.yaml` fragment with mandatory fields to enable authentication with GitHub
@@ -78,13 +76,24 @@ auth:
7876
production:
7977
clientId: ${AUTH_GITHUB_CLIENT_ID}
8078
clientSecret: ${AUTH_GITHUB_CLIENT_SECRET}
79+
integrations:
80+
github:
81+
- host: ${GITHUB_HOST_DOMAIN}
82+
apps:
83+
- appId: ${AUTH_GITHUB_APP_ID}
84+
clientId: ${AUTH_GITHUB_CLIENT_ID}
85+
clientSecret: ${GITHUB_CLIENT_SECRET}
86+
webhookUrl: ${GITHUB_WEBHOOK_URL}
87+
webhookSecret: ${GITHUB_WEBHOOK_SECRET}
88+
privateKey: |
89+
${GITHUB_PRIVATE_KEY_FILE}
8190
signInPage: github
8291
----
8392

8493
`environment: production`::
8594
Mark the environment as `production` to hide the Guest login in the {product-short} home page.
8695

87-
`clientId`, `clientSecret`::
96+
`clientId`, `clientSecret`, `host`, `appId`, `webhookUrl`, `webhookSecret`, `privateKey`::
8897
Use the {product-short} application information that you have created in GitHub and configured in OpenShift as secrets.
8998

9099
`sigInPage: github`::
@@ -107,6 +116,17 @@ auth:
107116
production:
108117
clientId: ${AUTH_GITHUB_CLIENT_ID}
109118
clientSecret: ${AUTH_GITHUB_CLIENT_SECRET}
119+
integrations:
120+
github:
121+
- host: ${GITHUB_HOST_DOMAIN}
122+
apps:
123+
- appId: ${AUTH_GITHUB_APP_ID}
124+
clientId: ${AUTH_GITHUB_CLIENT_ID}
125+
clientSecret: ${GITHUB_CLIENT_SECRET}
126+
webhookUrl: ${GITHUB_WEBHOOK_URL}
127+
webhookSecret: ${GITHUB_WEBHOOK_SECRET}
128+
privateKey: |
129+
${GITHUB_PRIVATE_KEY_FILE}
110130
signInPage: github
111131
dangerouslyAllowSignInWithoutUserInCatalog: true
112132
----

0 commit comments

Comments
 (0)