From 5a935581bd81d3d5b3e03ac8aab0d4a6eaf00eea Mon Sep 17 00:00:00 2001 From: Mark O Brien Date: Fri, 22 Apr 2022 11:36:19 +0100 Subject: [PATCH 1/3] #10614 add aws-qa role saml access Signed-off-by: Mark O Brien --- ipsilon/info/infofas.py | 1 + 1 file changed, 1 insertion(+) diff --git a/ipsilon/info/infofas.py b/ipsilon/info/infofas.py index 546c4b1..cafb8da 100644 --- a/ipsilon/info/infofas.py +++ b/ipsilon/info/infofas.py @@ -19,6 +19,7 @@ AWS_GROUPS = { "aws-min": "arn:aws:iam::125523088429:role/aws-min", "aws-fedora-ci": "arn:aws:iam::125523088429:role/aws-fedora-ci", "aws-fcos-mgmt": "arn:aws:iam::125523088429:role/aws-fcos-mgmt", + "aws-qa": "arn:aws:iam::125523088429:role/aws-qa", } From 01505dde5ef436bdcc8e606fa936d83a57c51d8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Fri, 24 Jun 2022 11:24:51 +0200 Subject: [PATCH 2/3] Remove the infofas module, it has been merged in ipsilon MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- ipsilon/info/infofas.py | 47 ----------------------------------------- 1 file changed, 47 deletions(-) delete mode 100644 ipsilon/info/infofas.py diff --git a/ipsilon/info/infofas.py b/ipsilon/info/infofas.py deleted file mode 100644 index 546c4b1..0000000 --- a/ipsilon/info/infofas.py +++ /dev/null @@ -1,47 +0,0 @@ -from ipsilon.util import config as pconfig -from ipsilon.info.infosssd import InfoProvider as SSSDInfoProvider - - -AWS_IDP_ARN = "arn:aws:iam::125523088429:saml-provider/id.fedoraproject.org" -AWS_GROUPS = { - "aws-master": "arn:aws:iam::125523088429:role/aws-master", - "aws-iam": "arn:aws:iam::125523088429:role/aws-iam", - "aws-billing": "arn:aws:iam::125523088429:role/aws-billing", - "aws-atomic": "arn:aws:iam::125523088429:role/aws-atomic", - "aws-s3-readonly": "arn:aws:iam::125523088429:role/aws-s3-readonly", - "aws-fedoramirror": "arn:aws:iam::125523088429:role/aws-fedoramirror", - "aws-s3": "arn:aws:iam::125523088429:role/aws-s3", - "aws-cloud-poc": "arn:aws:iam::125523088429:role/aws-cloud-poc", - "aws-infra": "arn:aws:iam::125523088429:role/aws-infra", - "aws-docs": "arn:aws:iam::125523088429:role/aws-docs", - "aws-copr": "arn:aws:iam::125523088429:role/aws-copr", - "aws-centos": "arn:aws:iam::125523088429:role/aws-centos", - "aws-min": "arn:aws:iam::125523088429:role/aws-min", - "aws-fedora-ci": "arn:aws:iam::125523088429:role/aws-fedora-ci", - "aws-fcos-mgmt": "arn:aws:iam::125523088429:role/aws-fcos-mgmt", -} - - -class InfoProvider(SSSDInfoProvider): - def __init__(self, *kwargs): - super().__init__(*kwargs) - self.name = "fas" - self.description = """ -A Fedora-specific version of the SSSd info plugin. -""" - self.new_config( - self.name, - pconfig.Condition( - "preconfigured", "SSSD can only be used when pre-configured", False - ), - ) - - def get_user_attrs(self, user): - reply = super().get_user_attrs(user) - reply["_extras"]["awsroles"] = [] - for group in reply["_groups"]: - if group in AWS_GROUPS: - reply["_extras"]["awsroles"].append( - "%s,%s" % (AWS_IDP_ARN, AWS_GROUPS[group]) - ) - return reply From fbb7aabbe9f075717f7fce9fd4d597112337efe1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Fri, 24 Jun 2022 11:24:51 +0200 Subject: [PATCH 3/3] Remove the infofas module, it has been merged in ipsilon MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- ipsilon/info/infofas.py | 48 ----------------------------------------- 1 file changed, 48 deletions(-) delete mode 100644 ipsilon/info/infofas.py diff --git a/ipsilon/info/infofas.py b/ipsilon/info/infofas.py deleted file mode 100644 index cafb8da..0000000 --- a/ipsilon/info/infofas.py +++ /dev/null @@ -1,48 +0,0 @@ -from ipsilon.util import config as pconfig -from ipsilon.info.infosssd import InfoProvider as SSSDInfoProvider - - -AWS_IDP_ARN = "arn:aws:iam::125523088429:saml-provider/id.fedoraproject.org" -AWS_GROUPS = { - "aws-master": "arn:aws:iam::125523088429:role/aws-master", - "aws-iam": "arn:aws:iam::125523088429:role/aws-iam", - "aws-billing": "arn:aws:iam::125523088429:role/aws-billing", - "aws-atomic": "arn:aws:iam::125523088429:role/aws-atomic", - "aws-s3-readonly": "arn:aws:iam::125523088429:role/aws-s3-readonly", - "aws-fedoramirror": "arn:aws:iam::125523088429:role/aws-fedoramirror", - "aws-s3": "arn:aws:iam::125523088429:role/aws-s3", - "aws-cloud-poc": "arn:aws:iam::125523088429:role/aws-cloud-poc", - "aws-infra": "arn:aws:iam::125523088429:role/aws-infra", - "aws-docs": "arn:aws:iam::125523088429:role/aws-docs", - "aws-copr": "arn:aws:iam::125523088429:role/aws-copr", - "aws-centos": "arn:aws:iam::125523088429:role/aws-centos", - "aws-min": "arn:aws:iam::125523088429:role/aws-min", - "aws-fedora-ci": "arn:aws:iam::125523088429:role/aws-fedora-ci", - "aws-fcos-mgmt": "arn:aws:iam::125523088429:role/aws-fcos-mgmt", - "aws-qa": "arn:aws:iam::125523088429:role/aws-qa", -} - - -class InfoProvider(SSSDInfoProvider): - def __init__(self, *kwargs): - super().__init__(*kwargs) - self.name = "fas" - self.description = """ -A Fedora-specific version of the SSSd info plugin. -""" - self.new_config( - self.name, - pconfig.Condition( - "preconfigured", "SSSD can only be used when pre-configured", False - ), - ) - - def get_user_attrs(self, user): - reply = super().get_user_attrs(user) - reply["_extras"]["awsroles"] = [] - for group in reply["_groups"]: - if group in AWS_GROUPS: - reply["_extras"]["awsroles"].append( - "%s,%s" % (AWS_IDP_ARN, AWS_GROUPS[group]) - ) - return reply