Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

ipsilon: just copy the awx metadata in for now since get uri doesnt work for this

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2024-12-02 11:42:52 -08:00
parent f429ae4a7b
commit 6d3a53901d
2 changed files with 1 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

10
roles/ipsilon/tasks/main.yml
View file

@ -118,16 +118,6 @@
notify:
- restart apache
- name: load the AWX SAML2 metadata that will be included in the configuration.conf file
uri:
url: https://awx.fedoraproject.org/sso/metadata/saml/
return_content: yes
register: awx_metadata
when: env == "production"
tags:
- ipsilon
- config
- name: copy ipsilon admin configuration
template:
src: "configuration.conf"

3
roles/ipsilon/templates/saml2_data
View file

@ -41,8 +41,7 @@ awx id = https://awx.fedoraproject.org/
awx type = SP
awx name = AWX
awx Allowed Attributes = ["email", "_groups", "givenname", "surname"]
awx metadata = {{ awx_metadata.content | replace("\n", " ") }}
awx metadata = <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" cacheDuration="P10D" entityID="https://awx.fedoraproject.org/"> <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data><ds:X509Certificate>MIIDITCCAgmgAwIBAgIUQJqwYXoRd75ZiBhAU2/SDu6hHukwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UEAwwVYXd4LmZlZG9yYXByb2plY3Qub3JnMB4XDTIzMDcyNzExNDIyN1oXDTMzMDcyNDExNDIyN1owIDEeMBwGA1UEAwwVYXd4LmZlZG9yYXByb2plY3Qub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LRm6OCda6J/dfo26RevAnDx7jbfmgWy0hU5VTPt65SrfBgtLnvU9DwKMbQQgvtpQIOd/3D7q52vqdxLngA+HzWmdFEUTDATSdg/QcfRh6gqY34rQiGmN0yBGPNpNSRabFpSXFOPjKRqiPUncb735sWfmOUVEQZXqxu76QFAtKo8kHom/ozTpAQmN2GxOibCoRa7bcatf1CYnLE7VHo7OYDsIfffJQGYw9T4I2kMdA7nxkYMJGIF5jpLQDXkY3AsuKhz7u0Lsyit2I6phpr4d14CxJ6qa0zx2uV1fFFEh/iLyL8R2wKbz/tLC+z+HdhfZCet/MpEPLgAhRTE7ckzeQIDAQABo1MwUTAdBgNVHQ4EFgQUh6XmJv90wBllrSTuiE268uzyaMkwHwYDVR0jBBgwFoAUh6XmJv90wBllrSTuiE268uzyaMkwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAroUy6er7cruDWvHawssnUOuayaH7leNsBYOy08G/8SImJAml8jfZ5yri2lMKxFf8jf/aoZxNqMpnEBT/FVulrCavOL8zh4XhxssjFRoJcy4OpgSSSFlrDfNRi7Zo5sf/UbTyPzljuis3ziAdSonkRij09A0EZZJNU22nwzYK3ja5L0EGCCB+x2ywfnMRK1P/3ZNxAe0S98w0f7hOZlNgigNf7L21dMPcnQzt6Fpkdgc7eJVL7GhycxMNixrxqA/jUxeIQZyUcg73cKNQ3b0d3IgJE4DADfpn+6LkEeqz5KT1lQxUSTws8BEH5B3wCDS7rvacqLNocLCQzzdft9O11g==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://awx.fedoraproject.org/sso/complete/saml/" index="1"/> </md:SPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en-US">AWX</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en-US">Ansible AWX</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en-US">https://awx.fedoraproject.org/</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="technical"> <md:GivenName>Fedora Infrastructure</md:GivenName> <md:EmailAddress>infrastructure@lists.fedoraproject.org</md:EmailAddress> </md:ContactPerson> <md:ContactPerson contactType="support"> <md:GivenName>Fedora Infrastructure</md:GivenName> <md:EmailAddress>infrastructure@lists.fedoraproject.org</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
rhbzdev id = https://bugzilla.dev.redhat.com/saml2_metadata.cgi
rhbzdev type = SP