Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Enable optional native login in the inventory ansible role #1517

Closed
2 tasks done
mogul opened this issue Apr 2, 2020 · 2 comments
Closed
2 tasks done

Enable optional native login in the inventory ansible role #1517

mogul opened this issue Apr 2, 2020 · 2 comments
Assignees
@jbrown-xentity
Labels
component/inventory Inventory playbooks/roles
Milestone
Sprint 20201001

Comments

@mogul
Copy link
Contributor

mogul commented Apr 2, 2020
edited by jbrown-xentity
Loading

User Story

In order to enable deployment and testing of inventory CKAN in non-BSP environments, we want the setup of local vs SAML authentication to be configurable with a variable.

Acceptance Criteria

  • GIVEN sandbox environments are configured with inventory_ckan_saml2_enabled: false
    WHEN the inventory.yml playbook is run
    THEN the environment is configured with CKAN's native user/password login
  • GIVEN that the BSP environments are configured with inventory_ckan_saml2_enabled: true
    WHEN the inventory.yml playbook is run
    THEN the environment is configured with SAML2 authentication

Details

Similar work has already been done for catalog.

Will need to

  • Upgrade to correct version of repoze.who library
  • Use default who.ini file (don't replace with saml2 version)
  • Add variable configuration for CKAN extensions list similar to current catalog implementation
@mogul mogul added the component/inventory Inventory playbooks/roles label Apr 2, 2020
@adborden
Copy link
Contributor

adborden commented Apr 3, 2020

Added some AC.

@jbrown-xentity jbrown-xentity mentioned this issue Apr 14, 2020
Closed
2 tasks
@adborden
Copy link
Contributor

Was just chatting with @jbrown-xentity @pjsharpe07, we probably don't want to do this work, at least not as described. We can pull in a few similar changes from 1c86878 and 71b64e9, but we don't actually need to combine saml2 into the inventory role. We should be able to just skip the role based on the inventory_app_saml2_enabled variable.

In the longer-term, #1473 will address the tech debt and remove the need for the saml2 role.

I'm going to rename this issue so it's more clear as to what we're after.

@adborden adborden changed the title Incorporate SAML2 role into the inventory ansible role Enable optional native login in the inventory ansible role Apr 16, 2020
adborden added a commit that referenced this issue Aug 26, 2020
@adborden
[inventory] enable saml2 authentication in sandbox
dabf1c7 
Enable saml2 authentication for inventory (which currently does not support
naive login in [sandbox][1].

[1]: #1517

fixup

fixup
@avdata99 avdata99 mentioned this issue Aug 27, 2020
Open
2 tasks
@jbrown-xentity jbrown-xentity mentioned this issue Sep 21, 2020
Merged
@mogul mogul added this to the Sprint 20201001 milestone Oct 6, 2020
@mogul mogul closed this as completed Oct 6, 2020
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@jbrown-xentity jbrown-xentity

Labels
component/inventory Inventory playbooks/roles
Projects
None yet
Milestone
Sprint 20201001
Development

No branches or pull requests
4 participants
@mogul @adborden @FuhuXia @jbrown-xentity