github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/boom/application/applications/monitoring/auth/gitlab.go

github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/boom/application/applications/monitoring/auth/gitlab.go (about)

     1  package auth
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/caos/orbos/pkg/secret/read"
     7  
     8  	gitlab "github.com/caos/orbos/internal/operator/boom/api/latest/monitoring/auth/Gitlab"
     9  )
    10  
    11  func GetGitlabAuthConfig(spec *gitlab.Auth) (map[string]string, error) {
    12  	clientID, err := read.GetSecretValueOnlyIncluster(spec.ClientID, spec.ExistingClientIDSecret)
    13  	if err != nil {
    14  		return nil, err
    15  	}
    16  
    17  	clientSecret, err := read.GetSecretValueOnlyIncluster(spec.ClientSecret, spec.ExistingClientSecretSecret)
    18  	if err != nil {
    19  		return nil, err
    20  	}
    21  
    22  	if clientID == "" || clientSecret == "" {
    23  		return nil, nil
    24  	}
    25  
    26  	allowedGroups := strings.Join(spec.AllowedGroups, " ")
    27  
    28  	return map[string]string{
    29  		"enabled":        "true",
    30  		"allow_sign_up":  "false",
    31  		"client_id":      clientID,
    32  		"client_secret":  clientSecret,
    33  		"scopes":         "api",
    34  		"auth_url":       "https://gitlab.com/oauth/authorize",
    35  		"token_url":      "https://gitlab.com/oauth/token",
    36  		"api_url":        "https://gitlab.com/api/v4",
    37  		"allowed_groups": allowedGroups,
    38  	}, nil
    39  }