diff options
author | Jason DeTiberus <jdetiber@redhat.com> | 2015-11-16 16:01:54 -0500 |
---|---|---|
committer | Jason DeTiberus <jdetiber@redhat.com> | 2015-11-23 11:33:41 -0500 |
commit | 3cbe7df8461e5514773e416d137980ce9bedf33d (patch) | |
tree | b3dddcc0a4004fa09fae262c0a9385c7ed73796f /roles/openshift_master/templates/master.yaml.v1.j2 | |
parent | 8e979def0a56b40ab8a3acbd2e1a146457a5aaa6 (diff) | |
download | openshift-3cbe7df8461e5514773e416d137980ce9bedf33d.tar.gz openshift-3cbe7df8461e5514773e416d137980ce9bedf33d.tar.bz2 openshift-3cbe7df8461e5514773e416d137980ce9bedf33d.tar.xz openshift-3cbe7df8461e5514773e416d137980ce9bedf33d.zip |
Refactor master identity provider configuration
- Remote template in favor of a filter plugin
- Add additional validation for identity provider config
- Add mappingMethod attribute for identity providers, default to 'claim'
Diffstat (limited to 'roles/openshift_master/templates/master.yaml.v1.j2')
-rw-r--r-- | roles/openshift_master/templates/master.yaml.v1.j2 | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 2a37c06d9..9f4a17f0a 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -107,7 +107,24 @@ networkConfig: {% endif %} # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.master.portal_net }} -{% include 'v1_partials/oauthConfig.j2' %} +oauthConfig: + assetPublicURL: {{ openshift.master.public_console_url }}/ + grantConfig: + method: {{ openshift.master.oauth_grant_method }} + identityProviders: +{% for line in translated_identity_providers.splitlines() %} + {{ line }} +{% endfor %} + masterCA: ca.crt + masterPublicURL: {{ openshift.master.public_api_url }} + masterURL: {{ openshift.master.api_url }} + sessionConfig: + sessionMaxAgeSeconds: {{ openshift.master.session_max_seconds }} + sessionName: {{ openshift.master.session_name }} + sessionSecretsFile: {{ openshift.master.session_secrets_file }} + tokenConfig: + accessTokenMaxAgeSeconds: {{ openshift.master.access_token_max_seconds }} + authorizeTokenMaxAgeSeconds: {{ openshift.master.auth_token_max_seconds }} pauseControllers: false policyConfig: bootstrapPolicyFile: {{ openshift_master_policy }} |