keycloak: Add swh-deposit client in staging realm (!321) · Merge requests · Platform / Infrastructure / Puppet / puppet-swh-site

Antoine R. Dumont requested to merge generated-differential-D5250-source into generated-differential-D5250-target Mar 15, 2021

Related to T2858

Test Plan

bin/octocatalog-diff --octocatalog-diff-args --no-truncate-details --to staging kelvingrove
Found host kelvingrove.internal.softwareheritage.org
WARN     -> Environment "wip-pg-hba-rules-in-yaml" contained non-word characters, correcting name to wip_pg_hba_rules_in_yaml
Cloning into '/tmp/swh-ocd.iQmAozqE/environments/production/data/private'...
done.
Cloning into '/tmp/swh-ocd.iQmAozqE/environments/staging/data/private'...
done.
*** Running octocatalog-diff on host kelvingrove.internal.softwareheritage.org
I, [2021-03-15T17:36:46.603102 #27824]  INFO -- : Catalogs compiled for kelvingrove.internal.softwareheritage.org
I, [2021-03-15T17:36:47.997164 #27824]  INFO -- : Diffs computed for kelvingrove.internal.softwareheritage.org
diff origin/production/kelvingrove.internal.softwareheritage.org current/kelvingrove.internal.softwareheritage.org
*******************************************
+ Keycloak_client[swh-deposit on SoftwareHeritageStaging] =>
   parameters =>
      "client_id": "swh-deposit"
      "default_client_scopes": ["profile", "email", "roles", "web-origins"]
      "direct_grant_flow": "direct_grant_no_otp-SoftwareHeritageStaging"
      "ensure": "present"
      "id": "b32d94fd-87be-56dc-937f-1aa96c2b9f6b"
      "login_theme": "swh"
      "optional_client_scopes": ["microprofile-jwt", "offline_access"]
      "public_client": true
      "realm": "SoftwareHeritageStaging"
      "redirect_uris": ["https://deposit.staging.swh.network/*", "https://deposit.internal.staging.swh.network/*"]
      "roles": ["swh.deposit.api"]
*******************************************
+ Keycloak_client_protocol_mapper[audience for b32d94fd-87be-56dc-937f-1aa96c2b9f6b on SoftwareHeritageStaging] =>
   parameters =>
      "client": "b32d94fd-87be-56dc-937f-1aa96c2b9f6b"
      "ensure": "present"
      "id": "fbb81615-8570-5280-b312-0f1e6a2a50ea"
      "included_client_audience": "swh-deposit"
      "realm": "SoftwareHeritageStaging"
      "resource_name": "audience"
      "type": "oidc-audience-mapper"
*******************************************
+ Keycloak_client_protocol_mapper[groups for b32d94fd-87be-56dc-937f-1aa96c2b9f6b on SoftwareHeritageStaging] =>
   parameters =>
      "claim_name": "groups"
      "client": "b32d94fd-87be-56dc-937f-1aa96c2b9f6b"
      "ensure": "present"
      "full_path": true
      "id": "2286ca09-2e6c-5128-810e-6be777338f6e"
      "realm": "SoftwareHeritageStaging"
      "resource_name": "groups"
      "type": "oidc-group-membership-mapper"
*******************************************

Migrated from D5250 (view on Phabricator)

Silent mode is enabled

keycloak: Add swh-deposit client in staging realm

Test Plan

Merge request reports