This is an automated email from the ASF dual-hosted git repository.
zrhoffman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new c0256de68c Add Oauth to Infra Ansible (#7625)
c0256de68c is described below
commit c0256de68c4aa5f0ae18bc9519e25a8d910d2b6a
Author: Dylan Souza <[email protected]>
AuthorDate: Fri Jul 14 09:36:00 2023 -0600
Add Oauth to Infra Ansible (#7625)
Adds oauth configuration parameters to the ansible templates.
Co-authored-by: dsouza550 <[email protected]>
---
.../ansible/roles/traffic_ops/defaults/main.yml | 4 ++++
.../ansible/roles/traffic_ops/tasks/traffic_ops.yml | 17 ++++++++++++++++-
.../ansible/roles/traffic_ops/templates/cdn.conf.j2 | 5 ++++-
3 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/infrastructure/ansible/roles/traffic_ops/defaults/main.yml
b/infrastructure/ansible/roles/traffic_ops/defaults/main.yml
index 1f156c0608..c58a0ce9a9 100644
--- a/infrastructure/ansible/roles/traffic_ops/defaults/main.yml
+++ b/infrastructure/ansible/roles/traffic_ops/defaults/main.yml
@@ -98,6 +98,10 @@ to_go_supported_ds_metrics:
- tps_4xx
- tps_5xx
+to_go_whitelisted_oauth_urls: ""
+to_go_oauth_user_attribute: ""
+to_go_oauth_client_secret: ""
+
to_plugin_config: {}
to_le_user_email: [email protected]
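Review bot: The default `to_go_whitelisted_oauth_urls: ""` is a string, but the cdn.conf.j2 hunk in this commit renders it with `to_json`, so an unset variable produces `"whitelisted_oauth_urls": ""` rather than a JSON list. The plural key name suggests Traffic Ops expects a list of URLs, which is worth confirming against the cdn.conf schema; if so, the default should be `to_go_whitelisted_oauth_urls: []`. A one-line comment above `to_go_oauth_client_secret` would also help, for example `# supply from a vaulted variable; never set a real value in defaults`.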
diff --git a/infrastructure/ansible/roles/traffic_ops/tasks/traffic_ops.yml
b/infrastructure/ansible/roles/traffic_ops/tasks/traffic_ops.yml
index afbeb276bf..8caac027a6 100644
--- a/infrastructure/ansible/roles/traffic_ops/tasks/traffic_ops.yml
+++ b/infrastructure/ansible/roles/traffic_ops/tasks/traffic_ops.yml
@@ -122,6 +122,12 @@
dest: "{{ to_tvdb_aes_key_loc }}"
notify: Restart Traffic Ops
+- name: Remove LDAP config if LDAP not used
+ file:
+ path: "{{ to_conf_installdir }}/ldap.conf"
+ state: absent
+ when: not to_ldap_setup
+
- name: Render Traffic Ops configuration files
template:
src: "{{item}}.j2"
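Review bot: The new `Remove LDAP config if LDAP not used` task deletes ldap.conf without `notify: Restart Traffic Ops`, unlike the render tasks around it. If the service reads that file only at startup (not visible in this diff), a running Traffic Ops would keep its LDAP settings until something else triggers a restart. Adding `notify: Restart Traffic Ops` to the task makes the removal take effect in the same run. The `Render Traffic Ops configuration files` task at the end of this hunk continues outside it.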
@@ -134,10 +140,19 @@
- production/log4perl.conf
- production/riak.conf
- cdn.conf
- - ldap.conf
- influxdb.conf
notify: Restart Traffic Ops
+- name: Render Traffic Ops LDAP configuration file
+ template:
+ src: "ldap.conf.j2"
+ owner: "{{ to_user }}"
+ group: "{{ to_group }}"
+ mode: 0600
+ dest: "{{ to_conf_installdir }}/ldap.conf"
+ notify: Restart Traffic Ops
+ when: to_ldap_setup
+
- name: Upgrade TODB
command: ./db/admin -env=production upgrade
args:
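Review bot: `mode: 0600` in the new `Render Traffic Ops LDAP configuration file` task is an unquoted octal literal, which relies on the YAML loader reading a leading zero as octal. Writing `mode: "0600"` is the form Ansible recommends, and it keeps the intended owner-only permissions whichever loader is used. The `Upgrade TODB` task at the end of the hunk continues outside it.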
diff --git a/infrastructure/ansible/roles/traffic_ops/templates/cdn.conf.j2
b/infrastructure/ansible/roles/traffic_ops/templates/cdn.conf.j2
index b5fbd53f90..8c24e627b9 100644
--- a/infrastructure/ansible/roles/traffic_ops/templates/cdn.conf.j2
+++ b/infrastructure/ansible/roles/traffic_ops/templates/cdn.conf.j2
@@ -81,7 +81,10 @@
"password": "{{ to_riak_username_password }}",
"MaxTLSVersion": "{{ to_riak_tls_max_version }}"
{% endif %}
- }
+ },
+ "whitelisted_oauth_urls": {{ to_go_whitelisted_oauth_urls | to_json }},
+ "oauth_client_secret": "{{ to_go_oauth_client_secret }}",
+ "oauth_user_attribute": "{{ to_go_oauth_user_attribute }}"
},
"lets_encrypt": {
"user_email": "{{ to_le_user_email }}",
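Review bot: `oauth_client_secret` and `oauth_user_attribute` are interpolated raw inside JSON string quotes, so a value containing `"` or `\` produces invalid JSON or alters the neighbouring keys. The `whitelisted_oauth_urls` line just above already uses `to_json`. Rendering both the same way escapes them correctly: `"oauth_client_secret": {{ to_go_oauth_client_secret | to_json }},` and `"oauth_user_attribute": {{ to_go_oauth_user_attribute | to_json }}`. cdn.conf now carries a client secret, and the owner and mode set by the task that renders it are outside this diff, so it is worth confirming the file is not world-readable.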