---
# ci/infrastructure/operations/add-oidc-provider.yml
#
# BOSH ops file. It deploys a second UAA instance group ("uaa-oidc") and
# registers it with the main uaa job as an OIDC identity provider named
# cli-oidc-provider.
#
# NOTE(review): the file path suggests a CI environment. Several values below
# are fixed literals committed with the file (client secret, encryption
# passphrase), and TLS validation towards the provider is switched off.
# Confirm this file is never applied to a deployment that holds real
# identities.
# NOTE(review): nesting follows the uaa job's property layout (encryption,
# uaadb, uaa, login) - verify against the release's job spec.

# Register uaa-oidc as an external OIDC provider on the main uaa job.
- type: replace
  path: /instance_groups/name=uaa/jobs/name=uaa/properties/login/oauth?/providers?
  value:
    cli-oidc-provider:
      type: 'oidc1.0'
      discoveryUrl: 'https://uaa-oidc.service.cf.internal:8443/.well-known/openid-configuration'
      scopes:
        - openid
      linkText: My other uaa Oauth Provider
      showLinkText: true
      # Users are created in the relying UAA on first login through this
      # provider, so the provider decides who gets an account.
      addShadowUserOnLogin: true
      relyingPartyId: rp_oidc_admin
      # NOTE(review): static client secret; it has to equal the "secret" of
      # the rp_oidc_admin client defined on uaa-oidc further down. A generated
      # "type: password" variable referenced from both places would keep the
      # value out of the repository.
      relyingPartySecret: adminsecret
      # NOTE(review): the relying UAA does not verify the certificate served
      # at discoveryUrl, so discovery metadata and token exchanges are not
      # authenticated at the TLS layer. This file does not add uaa-oidc_ca to
      # the relying uaa's trust store, which validation would require.
      skipSslValidation: true
      storeCustomAttributes: true
      # NOTE(review): enables the password grant through this provider, i.e.
      # user credentials are relayed to it rather than entered at the provider.
      passwordGrantEnabled: true
      attributeMappings:
        given_name: given_name
        family_name: family_name
        user_name: user_name

# Insert the uaa-oidc instance group directly after the existing uaa group.
- type: replace
  path: /instance_groups/name=uaa:after
  value:
    name: uaa-oidc
    instances: 1
    azs:
      - z1
      - z2
      - z3
    vm_type: default
    stemcell: default
    persistent_disk: 500
    networks:
      - name: default
    jobs:
      - name: uaa
        release: uaa
        properties:
          encryption:
            active_key_label: 'key-1'
            encryption_keys:
              - label: 'key-1'
                # NOTE(review): literal passphrase checked in with the file;
                # the other secrets of this job come from ((variables)).
                passphrase: 'MY-PASSPHRASE'
          uaadb:
            address: sql-db.service.cf.internal
            databases:
              - name: uaa_oidc
                tag: uaa
            db_scheme: mysql
            port: 3306
            roles:
              - name: uaa-oidc
                password: "((uaa_oidc_database_password))"
                tag: admin
          uaa:
            url: 'https://uaa-oidc.service.cf.internal:8443'
            jwt:
              policy:
                active_key_id: key-1
                keys:
                  key-1:
                    signingKey: "((uaa-oidc-key1.private_key))"
            sslCertificate: "((uaa-oidc_tls.certificate))"
            sslPrivateKey: "((uaa-oidc_tls.private_key))"
            ca_certs:
              - "((mysql_server_certificate.ca))"
            clients:
              # Client the main UAA authenticates as (relyingPartyId above).
              # NOTE(review): this one client combines a static secret with
              # uaa.admin / clients.admin authorities and every grant type
              # listed, including password and implicit. Anyone who knows the
              # secret can obtain an admin token on uaa-oidc through
              # client_credentials. A relying-party client normally needs only
              # authorization_code (plus refresh_token) and the openid scope.
              rp_oidc_admin:
                authorized-grant-types: 'authorization_code,client_credentials,refresh_token,user_token,password,urn:ietf:params:oauth:grant-type:saml2-bearer,implicit'
                redirect-uri: 'https://uaa.service.cf.internal:8443/login/callback/cli-oidc-provider'
                scope: 'openid,uaa.admin,clients.read,clients.write,clients.secret,scim.read,scim.write,clients.admin,uaa.user'
                authorities: 'uaa.admin,clients.admin'
                secret: adminsecret
            scim:
              user:
                override: true
              users:
                # Seeded user in the uaa.admin group; password is generated.
                - name: admin-oidc
                  password: "((uaa_oidc_admin_password))"
                  groups:
                    - uaa.admin
          login:
            protocol: https
            saml:
              activeKeyId: key1
              keys:
                key1:
                  key: "((saml_oidc-key1.private_key))"
                  # Empty passphrase: the SAML private key is not encrypted.
                  passphrase: ''
                  certificate: "((saml_oidc-key1.certificate))"

# BOSH DNS alias so uaa-oidc.service.cf.internal resolves to the new group.
- type: replace
  path: /addons/name=bosh-dns-aliases/jobs/name=bosh-dns-aliases/properties/aliases/-
  value:
    domain: uaa-oidc.service.cf.internal
    targets:
      - query: '*'
        instance_group: uaa-oidc
        deployment: cf
        network: default
        domain: bosh

# Seed the uaa_oidc database and its user on the pxc-mysql job.
- type: replace
  path: /instance_groups/name=database/jobs/name=pxc-mysql/properties/seeded_databases?/-
  value:
    name: uaa_oidc
    username: uaa-oidc
    password: "((uaa_oidc_database_password))"

# Generated credentials referenced above.
- type: replace
  path: /variables?/-
  value:
    name: uaa_oidc_admin_password
    type: password

- type: replace
  path: /variables?/-
  value:
    name: uaa_oidc_database_password
    type: password

# RSA key pair used as the JWT signing key of uaa-oidc.
- type: replace
  path: /variables?/-
  value:
    name: uaa-oidc-key1
    type: rsa

# CA that signs the SAML and TLS certificates below.
# NOTE(review): the server_auth EKU and the wildcard SAN are set on the CA
# itself; the leaf uaa-oidc_tls carries only a common_name.
- type: replace
  path: /variables?/-
  value:
    name: uaa-oidc_ca
    type: certificate
    options:
      is_ca: true
      common_name: uaa-oidc
      alternative_names:
        - '*.uaa-oidc.service.cf.internal'
      extended_key_usage:
        - server_auth

- type: replace
  path: /variables?/-
  value:
    name: saml_oidc-key1
    type: certificate
    options:
      ca: uaa-oidc_ca
      common_name: saml_oidc

# TLS certificate served by uaa-oidc on port 8443.
# NOTE(review): no alternative_names are requested; clients that ignore
# common_name during hostname verification would need a SAN for
# uaa-oidc.service.cf.internal before skipSslValidation can be turned off.
- type: replace
  path: /variables?/-
  value:
    name: uaa-oidc_tls
    type: certificate
    options:
      ca: uaa-oidc_ca
      common_name: uaa-oidc.service.cf.internal