Skip to content
Snippets Groups Projects
Commit 2c3ba2c4 authored by Evangelos Foutras's avatar Evangelos Foutras :smiley_cat:
Browse files

Merge branch 'tf-update-keycloak-provider' into 'master' 

tf-stage2: update keycloak provider to 3.8.1

See merge request !569
parents 511b6ca4 2b9e29ca
No related branches found
No related tags found
1 merge request!569tf-stage2: update keycloak provider to 3.8.1
Pipeline #18608 failed
Stage: test
Hide whitespace changes
Inline Side-by-side
tf-stage2/.terraform.lock.hcl
+ 32
26
View file @ 2c3ba2c4
...@@ -2,19 +2,21 @@ ...@@ -2,19 +2,21 @@
# Manual edits may be lost in future updates. # Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/external" { provider "registry.terraform.io/hashicorp/external" {
version = "2.0.0" version = "2.2.2"
hashes = [ hashes = [
"h1:Q5xqryWI3tCY8yr+fugq7dz4Qz+8g4GaW9ZS8dc6Ob8=", "h1:e7RpnZ2PbJEEPnfsg7V0FNwbfSk0/Z3FdrLsXINBmDY=",
"zh:07949780dd6a1d43e7b46950f6e6976581d9724102cb5388d3411a1b6f476bde", "zh:0b84ab0af2e28606e9c0c1289343949339221c3ab126616b831ddb5aaef5f5ca",
"zh:0a4f4636ff93f0644affa8474465dd8c9252946437ad025b28fc9f6603534a24", "zh:10cf5c9b9524ca2e4302bf02368dc6aac29fb50aeaa6f7758cce9aa36ae87a28",
"zh:0dd7e05a974c649950d1a21d7015d3753324ae52ebdd1744b144bc409ca4b3e8", "zh:56a016ee871c8501acb3f2ee3b51592ad7c3871a1757b098838349b17762ba6b",
"zh:2b881032b9aa9d227ac712f614056d050bcdcc67df0dc79e2b2cb76a197059ad", "zh:719d6ef39c50e4cffc67aa67d74d195adaf42afcf62beab132dafdb500347d39",
"zh:38feb4787b4570335459ca75a55389df1a7570bdca8cdf5df4c2876afe3c14b4", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:40f7e0aaef3b1f4c2ca2bb1189e3fe9af8c296da129423986d1d99ccc8cfb86c", "zh:7fbfc4d37435ac2f717b0316f872f558f608596b389b895fcb549f118462d327",
"zh:56b361f64f0f0df5c4f958ae2f0e6f8ba192f35b720b9d3ae1be068fabcf73d9", "zh:8ac71408204db606ce63fe8f9aeaf1ddc7751d57d586ec421e62d440c402e955",
"zh:5fadb5880cd31c2105f635ded92b9b16f918c1dd989627a4ce62c04939223909", "zh:a4cacdb06f114454b6ed0033add28006afa3f65a0ea7a43befe45fc82e6809fb",
"zh:61fa0be9c14c8c4109cfb7be8d54a80c56d35dbae49d3231cddb59831e7e5a4d", "zh:bb5ce3132b52ae32b6cc005bc9f7627b95259b9ffe556de4dad60d47d47f21f0",
"zh:853774bf97fbc4a784d5af5a4ca0090848430781ae6cfc586adeb48f7c44af79", "zh:bb60d2976f125ffd232a7ccb4b3f81e7109578b23c9c6179f13a11d125dca82a",
"zh:f9540ecd2e056d6e71b9ea5f5a5cf8f63dd5c25394b9db831083a9d4ea99b372",
"zh:ffd998b55b8a64d4335a090b6956b4bf8855b290f7554dd38db3302de9c41809",
] ]
} }
...@@ -38,20 +40,24 @@ provider "registry.terraform.io/louy/uptimerobot" { ...@@ -38,20 +40,24 @@ provider "registry.terraform.io/louy/uptimerobot" {
} }
provider "registry.terraform.io/mrparkers/keycloak" { provider "registry.terraform.io/mrparkers/keycloak" {
version = "2.0.0" version = "3.8.1"
constraints = "2.0.0"
hashes = [ hashes = [
"h1:jeKgSpUEjfCGQNkmmUTZ+B30ZUsgGC73GirYw9Q3n1k=", "h1:iQR3OtWM43PI8H6Dz75OBEtBTWFKxYukx9M5z+CWRoA=",
"zh:0ec35b6af8431cc1d6f92f054ed80e3578511f2bd4af0ba36e7cecbf28f35bba", "zh:04dea3786b9a8eaaf56b5c9c76b9346d3ed89371e4e7bb95e0f02167d6f1d41e",
"zh:16a90911dd6b07d50136318baac5682f7533aca92e78c6953ab9632e8c43f5a4", "zh:179911a5441722d8716626761c383134cc34b5300f1d63fd75fbd41a2c536357",
"zh:300c6428351ec160d8f78486049c72d18acbb8a39b2935824fc38cb64eb39590", "zh:2b4896b343425720b76f1eb621c1b51af2d7774e70559852c6db91ec364995ba",
"zh:33f2e2de72b063eeaef1a9c81ae87f05fe7428a6410475ba66f42727b3fc6ad0", "zh:428d9e6c7bfc7525adf90131472cc703f563f2188dca790a58cf66ef5f69249c",
"zh:38efb3db71b4c1e338cd0b326a9ca42e39731859401341d3e78381c945e8ca53", "zh:450d2bf2a69a90cef3fb9043c6f2f89f269191e72efd39893bbbd9695e61f4bd",
"zh:65e547b3b5b2607bd7709ae9b118476782b222598db3144423617aff5cecdee6", "zh:5bb2d0838a6555ae3d14dd2febee51dca8cf4702a30c23d757617ae9a4d1b905",
"zh:8222f39c3aa6d085d6056e2fe2505ed1917931f8a3338aa0deea6f583a60abe5", "zh:60a17a1a9488fc93b2a11e0e5314c5e04485f9f96e3c6a002e49df02d2c3bc9a",
"zh:a06f6078b40c3849f853780a7377d0682caa5cef1312559e60a53ebe0a2f8e45", "zh:6bda95fcbca8b0b492ade6523fe5556777765e2aa230beb5388b1071d1e1edb4",
"zh:cc0a782cb901430a4e162e365d566d7d9d9fd08425b6f6a2789c5dffd18badd6", "zh:70c5160c1c041db4c9d302c6bc4a3ecfb50a659502f2c8e4ca6a87afd3e48df8",
"zh:fccc95b3cf94f21200af69f8cbaea393e21ce54946cbd58f5b659b50e9b545ed", "zh:7b60ef0163a5344e4e4a4e0d371016f8a5ed5e257ec4731a984685e384afe284",
"zh:ffd3e7acf20d961cc81c724e671810f5709955f9be6de884a07aa2079e6a709c", "zh:8b7368f17111125f083870616e356d086ed4735452cda31c9fb22103cc597d9a",
"zh:8fdb45171799227906469acc1bbc313c5a16b58dc756c3d346b5461500b46956",
"zh:954680fa65a615ea4784f205f36aedec86ffd28e38c0597ff56f4f6a30513b26",
"zh:b65c4545dddf6659601baf840fc80c72a2c0e2dffc15b2521dc3170bfa40927d",
"zh:bca184053de15bb4ade54fdb76703ab13e7a2412e73254c6b1d6f7aa776cadd1",
"zh:f4e9951f9ebd1b87e18a0b88c7643c00163f8d5c60e7157e5259d8dfe96b7f4c",
] ]
} }
tf-stage2/keycloak.tf
+ 8
3
View file @ 2c3ba2c4
...@@ -218,9 +218,7 @@ resource "keycloak_oidc_identity_provider" "realm_identity_provider" { ...@@ -218,9 +218,7 @@ resource "keycloak_oidc_identity_provider" "realm_identity_provider" {
trust_email = false trust_email = false
store_token = false store_token = false
backchannel_supported = false backchannel_supported = false
extra_config = { sync_mode = "IMPORT"
syncMode = "IMPORT"
}
} }
resource "keycloak_saml_client" "saml_gitlab" { resource "keycloak_saml_client" "saml_gitlab" {
...@@ -242,6 +240,7 @@ resource "keycloak_saml_client" "saml_gitlab" { ...@@ -242,6 +240,7 @@ resource "keycloak_saml_client" "saml_gitlab" {
base_url = "/" base_url = "/"
master_saml_processing_url = var.gitlab_instance.saml_redirect_url master_saml_processing_url = var.gitlab_instance.saml_redirect_url
idp_initiated_sso_url_name = "saml_gitlab" idp_initiated_sso_url_name = "saml_gitlab"
front_channel_logout = false
assertion_consumer_post_url = var.gitlab_instance.saml_redirect_url assertion_consumer_post_url = var.gitlab_instance.saml_redirect_url
} }
...@@ -257,6 +256,7 @@ resource "keycloak_openid_client" "openid_gitlab" { ...@@ -257,6 +256,7 @@ resource "keycloak_openid_client" "openid_gitlab" {
access_type = "PUBLIC" access_type = "PUBLIC"
standard_flow_enabled = true standard_flow_enabled = true
use_refresh_tokens = false
full_scope_allowed = false full_scope_allowed = false
valid_redirect_uris = [ valid_redirect_uris = [
"https://gitlab.archlinux.org" "https://gitlab.archlinux.org"
...@@ -775,6 +775,7 @@ resource "keycloak_openid_client" "grafana_openid_client" { ...@@ -775,6 +775,7 @@ resource "keycloak_openid_client" "grafana_openid_client" {
access_type = "CONFIDENTIAL" access_type = "CONFIDENTIAL"
standard_flow_enabled = true standard_flow_enabled = true
use_refresh_tokens = false
valid_redirect_uris = [ valid_redirect_uris = [
"https://monitoring.archlinux.org", "https://monitoring.archlinux.org",
"https://monitoring.archlinux.org/login/generic_oauth" "https://monitoring.archlinux.org/login/generic_oauth"
...@@ -802,6 +803,7 @@ resource "keycloak_openid_client" "hedgedoc_openid_client" { ...@@ -802,6 +803,7 @@ resource "keycloak_openid_client" "hedgedoc_openid_client" {
access_type = "CONFIDENTIAL" access_type = "CONFIDENTIAL"
standard_flow_enabled = true standard_flow_enabled = true
use_refresh_tokens = false
valid_redirect_uris = [ valid_redirect_uris = [
"https://md.archlinux.org/*", "https://md.archlinux.org/*",
] ]
...@@ -828,6 +830,7 @@ resource "keycloak_openid_client" "matrix_openid_client" { ...@@ -828,6 +830,7 @@ resource "keycloak_openid_client" "matrix_openid_client" {
access_type = "CONFIDENTIAL" access_type = "CONFIDENTIAL"
standard_flow_enabled = true standard_flow_enabled = true
use_refresh_tokens = false
valid_redirect_uris = [ valid_redirect_uris = [
"https://matrix.archlinux.org/_synapse/client/oidc/callback" "https://matrix.archlinux.org/_synapse/client/oidc/callback"
] ]
...@@ -857,6 +860,7 @@ resource "keycloak_openid_client" "gluebuddy_openid_client" { ...@@ -857,6 +860,7 @@ resource "keycloak_openid_client" "gluebuddy_openid_client" {
access_type = "CONFIDENTIAL" access_type = "CONFIDENTIAL"
standard_flow_enabled = true standard_flow_enabled = true
use_refresh_tokens = false
valid_redirect_uris = [ valid_redirect_uris = [
"https://gitlab.archlinux.org/" "https://gitlab.archlinux.org/"
] ]
...@@ -872,6 +876,7 @@ resource "keycloak_openid_client" "security_tracker_openid_client" { ...@@ -872,6 +876,7 @@ resource "keycloak_openid_client" "security_tracker_openid_client" {
access_type = "CONFIDENTIAL" access_type = "CONFIDENTIAL"
standard_flow_enabled = true standard_flow_enabled = true
use_refresh_tokens = false
web_origins = [] web_origins = []
valid_redirect_uris = [ valid_redirect_uris = [
"https://security.archlinux.org/*", "https://security.archlinux.org/*",
......
tf-stage2/versions.tf
+ 2
4
View file @ 2c3ba2c4
...@@ -4,12 +4,10 @@ terraform { ...@@ -4,12 +4,10 @@ terraform {
source = "hashicorp/external" source = "hashicorp/external"
} }
keycloak = { keycloak = {
source = "mrparkers/keycloak" source = "mrparkers/keycloak"
version = "2.0.0"
} }
uptimerobot = { uptimerobot = {
source = "louy/uptimerobot" source = "louy/uptimerobot"
version = "0.5.1"
} }
} }
required_version = ">= 0.13" required_version = ">= 0.13"
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment