diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-05 00:08:53 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-05 00:08:53 +0300 |
commit | 269e52662aceba62b91424e87f4def90ecc81e6c (patch) | |
tree | 6ba6a0ce47114c969ce92e7e726ee303013bebcf /doc/integration/oauth2_generic.md | |
parent | bbc241ab7fff1f6854a70eb56ee70b0dad2b6144 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/integration/oauth2_generic.md')
-rw-r--r-- | doc/integration/oauth2_generic.md | 58 |
1 files changed, 32 insertions, 26 deletions
diff --git a/doc/integration/oauth2_generic.md b/doc/integration/oauth2_generic.md index 7b809e2feee..79238c78421 100644 --- a/doc/integration/oauth2_generic.md +++ b/doc/integration/oauth2_generic.md @@ -107,39 +107,45 @@ To configure the provider: helm get values gitlab > gitlab_values.yaml ``` - 1. Edit `gitlab_values.yaml`. + 1. Put the following content in a file named `oauth2_generic.yaml` for use as a + [Kubernetes Secret](https://docs.gitlab.com/charts/charts/globals.html#providers): - NOTE: - The following example exposes the `app_secret` value in the main YAML file. - You're strongly advised to use - [Helm secrets](https://docs.gitlab.com/charts/installation/secrets.html) - instead. + ```yaml + name: "oauth2_generic" + label: "Provider name" # optional label for login button defaults to "Oauth2 Generic" + app_id: "<your_app_client_id>" + app_secret: "<your_app_client_secret>" + args: + client_options: + site: "<your_auth_server_url>" + user_info_url: "/oauth2/v1/userinfo" + authorize_url: "/oauth2/v1/authorize" + token_url: "/oauth2/v1/token" + user_response_structure: + root_path: [] + id_path: ["sub"] + attributes: + email: "email" + name: "name" + authorize_params: + scope: "openid profile email" + strategy_class: "OmniAuth::Strategies::OAuth2Generic" + ``` + + 1. Create the Kubernetes Secret: + + ```shell + kubectl create secret generic -n <namespace> gitlab-oauth2-generic --from-file=provider=oauth2_generic.yaml + ``` + + 1. Edit `gitlab_values.yaml` and add the provider configuration: ```yaml global: appConfig: omniauth: - enabled: true providers: - - name: "oauth2_generic" - label: "Provider name" # optional label for login button defaults to "Oauth2 Generic" - app_id: "<your_app_client_id>" - app_secret: "<your_app_client_secret>" - args: - client_options: - site: "<your_auth_server_url>" - user_info_url: "/oauth2/v1/userinfo" - authorize_url: "/oauth2/v1/authorize" - token_url: "/oauth2/v1/token" - user_response_structure: - root_path: [] - id_path: ["sub"] - attributes: - email: "email" - name: "name" - authorize_params: - scope: "openid profile email" - strategy_class: "OmniAuth::Strategies::OAuth2Generic" + - secret: gitlab-oauth2-generic ``` 1. Save the file and apply the new values: |