infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 7 Projects Releases Packages Wiki Activity Actions

Ipsilon: automatically load the SAML2 metadata for PDC

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2023-04-20 12:42:32 +02:00
parent ba57d2bf2a
commit aa0fbcad18
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
2 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
roles/ipsilon/tasks/main.yml
View file

@ -99,6 +99,12 @@
notify:
- restart apache
- name: load the PDC SAML2 metadata that will be included in the configuration.conf file
uri:
url: https://pdc{{ env_suffix }}.fedoraproject.org/saml2/metadata
return_content: yes
register: pdc_metadata
- name: copy ipsilon admin configuration
template:
src: "configuration.conf"

2
roles/ipsilon/templates/saml2_data_stg
View file

@ -6,7 +6,7 @@ beakerstg metadata=<?xml version='1.0' encoding='UTF-8'?><md:EntityDescriptor xm
pdcstg id = https://pdc.stg.fedoraproject.org/saml2
pdcstg type = SP
pdcstg name = Product Definition Center STAGING
pdcstg metadata = <?xml version='1.0' encoding='UTF-8'?><md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" cacheDuration="P7D" entityID="https://pdc.stg.fedoraproject.org/saml2"><md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDGTCCAgGgAwIBAgIJAISFaB3/KZDhMA0GCSqGSIb3DQEBCwUAMCMxITAfBgNVBAMMGHBkYy5mZWRvcmFpbmZyYWNsb3VkLm9yZzAeFw0xNTA5MzAxMDM4NTFaFw0yMDA5MjgxMDM4NTFaMCMxITAfBgNVBAMMGHBkYy5mZWRvcmFpbmZyYWNsb3VkLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALLA2h4tYn7tAFwFZ2JBxLLcpIY55/NpdQP1yLSfvD4huT3rWRLoojiEpIM61qgnJmVsZ4oPkkSmU3pWLrjwZeD5XQimtg6GPHitjIIHhUgPDncpdGsbD1J/Jv7V/gj0CvI9ak0i9d0zxaKGaejP0VL78xeaEPf53LQywqrV9iGDRpcJzQZrqwUvrSIDRn7SmUNvDYQL6voAO6la/43CO8oIMiGE/qNs8sK/KupifxjN4BvZzK6ofpYqhycwJFHUTZ5mAEXspINIOr8I43ApF6+RDWyIt2G2GK7gwkLfNfb/3Lht8/oMjyiPvKuhSqaDbfcSwsU2A9k9vqV0ufL++VUCAwEAAaNQME4wHQYDVR0OBBYEFMy2MUOk6B9kN0nLDO4w7Ja/oL2dMB8GA1UdIwQYMBaAFMy2MUOk6B9kN0nLDO4w7Ja/oL2dMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHWk0SZYofIu0HP96D2RFghS7bcFGoTzG4uOK8v9cYtM3f3NO5NlmMNYeLG3wbBA+7pZgmIEReZkGlGq4kR4PqulKE4yymyuzIEUYFwlHfxrWCIH7/A211WxTQRXBGT2h4+uwpqOOOUdd8KHBdRIzYKiNEBjUgbya9fObxPZK2jx7zUqqa7KneEXaZ86LqPQU6+dv3i4yZE7PkeJ3Pl5wVSIJ7dxIN+81YhfuL3poknqDYmJ4QHNMcbS3gBaTTsUAUyfPXlAbWaGdypAuzxkwt9etX/bExs/0k28REwtZo9q04R48Ejlv4ckKIOFY7aO8saseB4A/n/oLfrW+/8qBnM=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pdc.stg.fedoraproject.org/saml2/logout"/><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pdc.stg.fedoraproject.org/saml2/postResponse" index="0"/><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat></md:SPSSODescriptor></md:EntityDescriptor>
pdcstg metadata = {{ pdc_metadata.content | replace("\n", " ") }}
rhdev id = https://bzweb01-devel.app.eng.bne.redhat.com/saml2_metadata.cgi
rhdev type = SP