# ci/infrastructure/operations/add-oidc-provider.yml
# (github.com/jenspinney/cli@v6.42.1-0.20190207184520-7450c600020e+incompatible)
#
# BOSH ops file for the CLI's CI environment. It adds a second UAA instance
# group (`uaa-oidc`) and registers it on the existing `uaa` instance group as
# an OIDC identity provider named `cli-oidc-provider`.
#
# NOTE(review): the nesting below was reconstructed from a flattened listing;
# confirm it against the original file before applying.
# NOTE(review): several credentials in this file are literal strings
# (`adminsecret`, `MY-PASSPHRASE`) and TLS validation towards the provider is
# switched off. That is only tolerable for a disposable, isolated test
# deployment; see the per-key notes.
---
# Op 1: register the provider under login.oauth.providers of the main `uaa`
# job. The trailing `?` on `oauth?` and `providers?` lets the path be created
# if it does not exist yet.
- type: replace
  path: /instance_groups/name=uaa/jobs/name=uaa/properties/login/oauth?/providers?
  value:
    cli-oidc-provider:
      type: oidc1.0
      # Discovery document served by the `uaa-oidc` instance group added in
      # op 2 (hostname comes from the DNS alias in op 3).
      discoveryUrl: https://uaa-oidc.service.cf.internal:8443/.well-known/openid-configuration
      scopes:
      - openid
      linkText: My other uaa Oauth Provider
      showLinkText: true
      # presumably creates a local shadow user on first external login;
      # confirm against the UAA release docs.
      addShadowUserOnLogin: true
      # Must match the client id/secret defined under uaa.clients in op 2.
      relyingPartyId: rp_oidc_admin
      # NOTE(review): literal, guessable secret committed to the repo. The
      # file already generates other secrets via `/variables`; the same
      # mechanism could supply this value to both sides.
      relyingPartySecret: adminsecret
      # NOTE(review): by its name this turns off certificate validation for
      # calls to the provider, so the identity provider's endpoints are not
      # authenticated. Trusting the `uaa-oidc_ca` generated below would
      # allow this to be false; see also the SAN note on `uaa-oidc_tls`.
      skipSslValidation: true
      storeCustomAttributes: true
      passwordGrantEnabled: true
      # Identity mapping: each claim is copied to the attribute of the same
      # name.
      attributeMappings:
        given_name: given_name
        family_name: family_name
        user_name: user_name

# Op 2: append a new instance group running a standalone UAA that acts as
# the OIDC provider (`/instance_groups/-` appends to the list).
- type: replace
  path: /instance_groups/-
  value:
    name: uaa-oidc
    instances: 1
    azs: [z1, z2, z3]
    vm_type: default
    stemcell: default
    persistent_disk: 500
    networks:
    - name: default
    jobs:
    - name: uaa
      release: uaa
      properties:
        encryption:
          active_key_label: 'key-1'
          encryption_keys:
          - label: 'key-1'
            # NOTE(review): placeholder passphrase committed in clear text;
            # anyone with repo access knows this encryption key. Consider a
            # generated `password` variable as used for the DB password.
            passphrase: 'MY-PASSPHRASE'
        # Database settings; name, role and password match the seeded
        # database added in op 4.
        uaadb:
          databases:
          - name: uaa_oidc
            tag: uaa
          db_scheme: mysql
          port: 3306
          roles:
          - name: uaa-oidc
            password: "((uaa_oidc_database_password))"
            tag: admin
        uaa:
          url: https://uaa-oidc.service.cf.internal:8443
          # Token signing key comes from the generated `uaa-oidc-key1` RSA
          # variable.
          jwt:
            policy:
              active_key_id: key-1
              keys:
                key-1:
                  signingKey: ((uaa-oidc-key1.private_key))
          # Server certificate/key from the generated `uaa-oidc_tls`
          # variable.
          sslCertificate: ((uaa-oidc_tls.certificate))
          sslPrivateKey: ((uaa-oidc_tls.private_key))
          clients:
            # Relying-party client used by the main UAA (op 1).
            # NOTE(review): this client carries `uaa.admin` and
            # `clients.admin` authorities, allows almost every grant type
            # (including `implicit` and `password`), and uses a literal
            # secret. Whoever knows the secret holds admin rights on this
            # UAA. For anything beyond a throwaway test environment,
            # reduce grants/authorities to what the login flow needs and
            # generate the secret.
            rp_oidc_admin:
              authorized-grant-types: authorization_code,client_credentials,refresh_token,user_token,password,urn:ietf:params:oauth:grant-type:saml2-bearer,implicit
              # Callback on the main UAA for the provider named in op 1.
              redirect-uri: https://uaa.service.cf.internal:8443/login/callback/cli-oidc-provider
              scope: openid,uaa.admin,clients.read,clients.write,clients.secret,scim.read,scim.write,clients.admin,uaa.user
              authorities: uaa.admin,clients.admin
              secret: adminsecret
          scim:
            user:
              # presumably lets the users listed here overwrite existing
              # entries on redeploy; confirm against the UAA release spec.
              override: true
            # Bootstrap admin user; the password is a generated variable.
            users:
            - name: admin-oidc
              password: "((uaa_oidc_admin_password))"
              groups:
              - uaa.admin
        login:
          protocol: https
          saml:
            activeKeyId: key1
            keys:
              key1:
                key: ((saml_oidc-key1.private_key))
                # Empty passphrase: the SAML private key is not
                # passphrase-protected.
                passphrase: ''
                certificate: ((saml_oidc-key1.certificate))

# Op 3: DNS alias so that uaa-oidc.service.cf.internal resolves to every
# instance (`query: '*'`) of the `uaa-oidc` group in deployment `cf`.
- type: replace
  path: /addons/name=bosh-dns-aliases/jobs/name=bosh-dns-aliases/properties/aliases/-
  value:
    domain: uaa-oidc.service.cf.internal
    targets:
    - query: '*'
      instance_group: uaa-oidc
      deployment: cf
      network: default
      domain: bosh

# Op 4: seed the `uaa_oidc` database and its user on the pxc-mysql job;
# the credentials match the `uaadb` block in op 2.
- type: replace
  path: /instance_groups/name=database/jobs/name=pxc-mysql/properties/seeded_databases?/-
  value:
    name: uaa_oidc
    username: uaa-oidc
    password: "((uaa_oidc_database_password))"

# Remaining ops append variable definitions, so these values are generated
# rather than stored in this file.

# Password for the `admin-oidc` bootstrap user.
- type: replace
  path: /variables?/-
  value:
    name: uaa_oidc_admin_password
    type: password

# Password shared by the database role and the seeded database user.
- type: replace
  path: /variables?/-
  value:
    name: uaa_oidc_database_password
    type: password

# RSA key pair used as the JWT signing key.
- type: replace
  path: /variables?/-
  value:
    name: uaa-oidc-key1
    type: rsa

# CA that signs the SAML and TLS certificates below.
# NOTE(review): `alternative_names` and `extended_key_usage: server_auth`
# are set here on the CA, while the leaf `uaa-oidc_tls` has neither. They
# look intended for the leaf; verify. Note also that the wildcard
# `*.uaa-oidc.service.cf.internal` does not match the bare host
# `uaa-oidc.service.cf.internal`.
- type: replace
  path: /variables?/-
  value:
    name: uaa-oidc_ca
    type: certificate
    options:
      is_ca: true
      common_name: uaa-oidc
      alternative_names: ["*.uaa-oidc.service.cf.internal"]
      extended_key_usage:
      - server_auth

# Certificate/key pair for SAML signing, issued by `uaa-oidc_ca`.
- type: replace
  path: /variables?/-
  value:
    name: saml_oidc-key1
    type: certificate
    options:
      ca: uaa-oidc_ca
      common_name: saml_oidc

# TLS server certificate for the `uaa-oidc` UAA, issued by `uaa-oidc_ca`.
# NOTE(review): only `common_name` is set. Clients that require a subject
# alternative name will reject this certificate, which may be why
# `skipSslValidation` is enabled in op 1. Adding
# `alternative_names: [uaa-oidc.service.cf.internal]` here would be the
# first step towards enabling validation.
- type: replace
  path: /variables?/-
  value:
    name: uaa-oidc_tls
    type: certificate
    options:
      ca: uaa-oidc_ca
      common_name: uaa-oidc.service.cf.internal