Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generalize the building of eduPersonEntitlement #13

Merged
merged 3 commits into from
Sep 5, 2024
Merged

Generalize the building of eduPersonEntitlement #13

merged 3 commits into from
Sep 5, 2024

Conversation

sebastian-luna-valero
Copy link
Contributor

At the moment, the construction of the eduPersonEntitlement is mostly harcoded:

ansible-role-motley-cue/tasks/main.yml

Lines 79 to 82 in 950d21a

- name: set SSH_AUTHORISE_VOS
set_fact:
command_env: "{{ command_env | combine ({ 'SSH_AUTHORISE_VOS' : ['urn:mace:egi.eu:group:{{ssh_oidc_other_vos}}:role=member#aai.egi.eu'] }) }}"
when: ssh_oidc_other_vos != ''

This PR adds the changes required to make it configurable with Ansible variables.

Additionally, the creates argument when executing contextualise_ssh_server has been deleted:

ansible-role-motley-cue/tasks/main.yml

Line 105 in 950d21a

creates: /opt/motley_cue/motley_cue.conf

Otherwise, updating the value of the variables for the configuration of the VO won't be applied to motley_cue.conf after it has been created for the first time.

Instead of ssh_oidc_other_vos_* variables, we may also want to consider a shorter option for the naming.

@sebastian-luna-valero sebastian-luna-valero mentioned this pull request Aug 22, 2024
Merged
@micafer micafer merged commit 69c2183 into grycap:main Sep 5, 2024
6 checks passed
@sebastian-luna-valero sebastian-luna-valero deleted the groups-roles branch September 5, 2024 12:02
sebastian-luna-valero added a commit to sebastian-luna-valero/tosca-upv that referenced this pull request Sep 5, 2024
@sebastian-luna-valero
Replace ssh_oidc_other_vos with ssh_oidc_other_vos_name
8d8d6cf 
Required after grycap/ansible-role-motley-cue#13
@sebastian-luna-valero sebastian-luna-valero mentioned this pull request Sep 5, 2024
Merged
sebastian-luna-valero added a commit to EGI-Federation/fedcloud-dashboard that referenced this pull request Sep 5, 2024
@sebastian-luna-valero
Replace ssh_oidc_other_vos with ssh_oidc_other_vos_name after grycap/…
933905e 
…ansible-role-motley-cue#13
enolfc pushed a commit to EGI-Federation/fedcloud-dashboard that referenced this pull request Sep 19, 2024
@sebastian-luna-valero
Enable access via ssh-oidc and cloud.egi.eu (#54)
703bcca 
* enable access via ssh-oidc and cloud.egi.eu

* Replace ssh_oidc_other_vos with ssh_oidc_other_vos_name after grycap/ansible-role-motley-cue#13

* sudo powers for members of the vo.cloud.egi.eu with the auditor role

* update CONTRIBUTING.md with latest version in the template

* fix role name

* linting

* linting

* fix grycap.motley_cue name

* pass access token to Ansible playbook

* use prettier to lint .github/workflows/deploy.yaml

* add PWD to PATH

* linting
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sebastian-luna-valero @micafer