Skip to content
Snippets Groups Projects
Verified Commit d99bf514 authored by Jaromír Hradil's avatar Jaromír Hradil
Browse files

Unifying variable naming convention

parent 914ccba2
Branches
No related tags found
1 merge request!22Unifying variable naming convention
This commit is part of merge request !22. Comments created here will be created in the context of that merge request.
...@@ -192,15 +192,15 @@ hub: ...@@ -192,15 +192,15 @@ hub:
- urn:geant:eosc-federation.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin - urn:geant:eosc-federation.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin
claim_groups_key: "entitlements" claim_groups_key: "entitlements"
EGICheckinAuthenticator: EGICheckinAuthenticator:
checkin_host: "{{ secret['checkin_host'] }}" checkin_host: "{{ secrets['checkin_host'] }}"
authorize_url: "https://{{ secret['checkin_host'] }}/OIDC/authorization" authorize_url: "https://{{ secrets['checkin_host'] }}/OIDC/authorization"
token_url: "https://{{ secret['checkin_host'] }}/OIDC/token" token_url: "https://{{ secrets['checkin_host'] }}/OIDC/token"
userdata_url: "https://{{ secret['checkin_host'] }}/OIDC/userinfo" userdata_url: "https://{{ secrets['checkin_host'] }}/OIDC/userinfo"
introspect_url: "https://{{ secret['checkin_host'] }}/OIDC/introspect" introspect_url: "https://{{ secrets['checkin_host'] }}/OIDC/introspect"
client_id: "{{ secret['client_id'] }}" client_id: "{{ secrets['client_id'] }}"
client_secret: "{{ secret['client_secret'] }}" client_secret: "{{ secrets['client_secret'] }}"
oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback" oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback"
openid_configuration_url: "https://{{ secret['checkin_host'] }}/.well-known/openid-configuration" openid_configuration_url: "https://{{ secrets['checkin_host'] }}/.well-known/openid-configuration"
scope: ["openid", "profile", "email", "offline_access", "entitlements"] scope: ["openid", "profile", "email", "offline_access", "entitlements"]
username_claim: "sub" username_claim: "sub"
extra_authorize_params: extra_authorize_params:
......
...@@ -173,15 +173,15 @@ hub: ...@@ -173,15 +173,15 @@ hub:
- urn:geant:open-science-cloud.ec.europa.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin - urn:geant:open-science-cloud.ec.europa.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin
claim_groups_key: "entitlements" claim_groups_key: "entitlements"
EGICheckinAuthenticator: EGICheckinAuthenticator:
checkin_host: "{{ secret['checkin_host'] }}" checkin_host: "{{ secrets['checkin_host'] }}"
authorize_url: "https://{{ secret['checkin_host'] }}/OIDC/authorization" authorize_url: "https://{{ secrets['checkin_host'] }}/OIDC/authorization"
token_url: "https://{{ secret['checkin_host'] }}/OIDC/token" token_url: "https://{{ secrets['checkin_host'] }}/OIDC/token"
userdata_url: "https://{{ secret['checkin_host'] }}/OIDC/userinfo" userdata_url: "https://{{ secrets['checkin_host'] }}/OIDC/userinfo"
introspect_url: "https://{{ secret['checkin_host'] }}/OIDC/introspect" introspect_url: "https://{{ secrets['checkin_host'] }}/OIDC/introspect"
client_id: "{{ secret['client_id'] }}" client_id: "{{ secrets['client_id'] }}"
client_secret: "{{ secret['client_secret'] }}" client_secret: "{{ secrets['client_secret'] }}"
oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback" oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback"
openid_configuration_url: "https://{{ secret['checkin_host'] }}/.well-known/openid-configuration" openid_configuration_url: "https://{{ secrets['checkin_host'] }}/.well-known/openid-configuration"
scope: ["openid", "profile", "email", "offline_access", "entitlements"] scope: ["openid", "profile", "email", "offline_access", "entitlements"]
username_claim: "sub" username_claim: "sub"
extra_authorize_params: extra_authorize_params:
......
...@@ -173,15 +173,15 @@ hub: ...@@ -173,15 +173,15 @@ hub:
- urn:geant:eosc-federation.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin - urn:geant:eosc-federation.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin
claim_groups_key: "entitlements" claim_groups_key: "entitlements"
EGICheckinAuthenticator: EGICheckinAuthenticator:
checkin_host: "{{ secret['checkin_host'] }}" checkin_host: "{{ secrets['checkin_host'] }}"
authorize_url: "https://{{ secret['checkin_host'] }}/OIDC/authorization" authorize_url: "https://{{ secrets['checkin_host'] }}/OIDC/authorization"
token_url: "https://{{ secret['checkin_host'] }}/OIDC/token" token_url: "https://{{ secrets['checkin_host'] }}/OIDC/token"
userdata_url: "https://{{ secret['checkin_host'] }}/OIDC/userinfo" userdata_url: "https://{{ secrets['checkin_host'] }}/OIDC/userinfo"
introspect_url: "https://{{ secret['checkin_host'] }}/OIDC/introspect" introspect_url: "https://{{ secrets['checkin_host'] }}/OIDC/introspect"
client_id: "{{ secret['client_id'] }}" client_id: "{{ secrets['client_id'] }}"
client_secret: "{{ secret['client_secret'] }}" client_secret: "{{ secrets['client_secret'] }}"
oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback" oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback"
openid_configuration_url: "https://{{ secret['checkin_host'] }}/.well-known/openid-configuration" openid_configuration_url: "https://{{ secrets['checkin_host'] }}/.well-known/openid-configuration"
scope: ["openid", "profile", "email", "offline_access", "entitlements"] scope: ["openid", "profile", "email", "offline_access", "entitlements"]
username_claim: "sub" username_claim: "sub"
extra_authorize_params: extra_authorize_params:
......
...@@ -14,18 +14,18 @@ ...@@ -14,18 +14,18 @@
vars: vars:
name: "{{ item | basename | splitext | first }}" name: "{{ item | basename | splitext | first }}"
set_fact: set_fact:
secrets: "{{ secrets|default({}) | combine({name: lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'deployment-' + name) | join('/'), deployment_secrets: "{{ deployment_secrets|default({}) | combine({name: lookup('community.hashi_vault.hashi_vault',
token_validate=false)}) }}" (vault_mount_point, 'deployment-' + name) | join('/'), token_validate=false)}) }}"
with_fileglob: with_fileglob:
- "../deployments/*.yaml" - "../deployments/*.yaml"
- name: Debug Deployments Secrets - name: Debug Deployments Secrets
debug: debug:
msg: "{{ item.key }} = {{ item.value }}" msg: "{{ item.key }} = {{ item.value }}"
loop: "{{ secrets | dict2items }}" loop: "{{ deployment_secrets | dict2items }}"
- name: Copy config file to master - name: Copy config file to master
vars: vars:
name: "{{ item | basename | splitext | first }}" name: "{{ item | basename | splitext | first }}"
secret: "{{ secrets[name] }}" secrets: "{{ deployment_secrets[name] }}"
template: template:
src: "{{ item }}" src: "{{ item }}"
dest: "/tmp/{{ item | basename }}" dest: "/tmp/{{ item | basename }}"
......
...@@ -18,11 +18,11 @@ ...@@ -18,11 +18,11 @@
tasks: tasks:
- name: Get Secrets From Vault - name: Get Secrets From Vault
set_fact: set_fact:
secret: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'site-' + site_name) | join('/'), token_validate=false) }}" secrets: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'site-' + site_name) | join('/'), token_validate=false) }}"
- name: Debug Secrets - name: Debug Secrets
debug: debug:
msg: "{{ item.key }} = {{ item.value }}" msg: "{{ item.key }} = {{ item.value }}"
loop: "{{ secret | dict2items }}" loop: "{{ secrets | dict2items }}"
- name: Directory for for GLPI agent configuration - name: Directory for for GLPI agent configuration
file: file:
path: /etc/glpi-agent/conf.d path: /etc/glpi-agent/conf.d
......
...@@ -18,11 +18,11 @@ ...@@ -18,11 +18,11 @@
when: "'deepfence' not in ansible_local.helm_repos | map(attribute='name') | list" when: "'deepfence' not in ansible_local.helm_repos | map(attribute='name') | list"
- name: Get Secrets From Vault - name: Get Secrets From Vault
set_fact: set_fact:
secret: "{{ lookup('community.hashi_vault.hashi_vault', [ vault_mount_point, 'site-' + site_name] | join('/'), token_validate=false) }}" secrets: "{{ lookup('community.hashi_vault.hashi_vault', [ vault_mount_point, 'site-' + site_name] | join('/'), token_validate=false) }}"
- name: Debug Secrets - name: Debug Secrets
debug: debug:
msg: "{{ item.key }} = {{ item.value }}" msg: "{{ item.key }} = {{ item.value }}"
loop: "{{ secret | dict2items }}" loop: "{{ secrets | dict2items }}"
- name: Deepfence ThreadManager Agent Configuration - name: Deepfence ThreadManager Agent Configuration
template: template:
src: templates/deepfence-agent.yaml.j2 src: templates/deepfence-agent.yaml.j2
......
managementConsoleUrl: "{{ secret['deepfence_host'] | default('') }}" managementConsoleUrl: "{{ secrets['deepfence_host'] | default('') }}"
deepfenceKey: "{{ secret['deepfence_key'] | default('') }}" deepfenceKey: "{{ secrets['deepfence_key'] | default('') }}"
clusterName: "jupyter-{{ site_name }}" clusterName: "jupyter-{{ site_name }}"
mountContainerRuntimeSocket: mountContainerRuntimeSocket:
containerSock: true containerSock: true
......
...@@ -174,15 +174,15 @@ hub: ...@@ -174,15 +174,15 @@ hub:
- urn:geant:eosc-federation.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin - urn:geant:eosc-federation.eu:group:asg:notebooks.open-science-cloud.ec.europa.eu:role=admin
claim_groups_key: "entitlements" claim_groups_key: "entitlements"
EGICheckinAuthenticator: EGICheckinAuthenticator:
checkin_host: "{{ secret['checkin_host'] }}" checkin_host: "{{ secrets['checkin_host'] }}"
authorize_url: "https://{{ secret['checkin_host'] }}/OIDC/authorization" authorize_url: "https://{{ secrets['checkin_host'] }}/OIDC/authorization"
token_url: "https://{{ secret['checkin_host'] }}/OIDC/token" token_url: "https://{{ secrets['checkin_host'] }}/OIDC/token"
userdata_url: "https://{{ secret['checkin_host'] }}/OIDC/userinfo" userdata_url: "https://{{ secrets['checkin_host'] }}/OIDC/userinfo"
introspect_url: "https://{{ secret['checkin_host'] }}/OIDC/introspect" introspect_url: "https://{{ secrets['checkin_host'] }}/OIDC/introspect"
client_id: "{{ secret['client_id'] }}" client_id: "{{ secrets['client_id'] }}"
client_secret: "{{ secret['client_secret'] }}" client_secret: "{{ secrets['client_secret'] }}"
oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback" oauth_callback_url: "https://{{ notebooks_hostname }}/hub/oauth_callback"
openid_configuration_url: "https://{{ secret['checkin_host'] }}/.well-known/openid-configuration" openid_configuration_url: "https://{{ secrets['checkin_host'] }}/.well-known/openid-configuration"
scope: ["openid", "profile", "email", "offline_access", "entitlements"] scope: ["openid", "profile", "email", "offline_access", "entitlements"]
username_claim: "sub" username_claim: "sub"
extra_authorize_params: extra_authorize_params:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment