particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

worker: Support client_credentials grant type in client

Browse source 
This will allow us to use the service accounts which work against
identity.api.openshift.com. These are much easier to manage, especially
with the new multi-tenancy, as there's a single page to create/expire
them across an account.

They also have the added benefit of not expiring automatically when
they're not used like offline tokens, and immediate expiration when
desired.
This commit is contained in:
Sanne Raymaekers 2022-03-08 15:45:39 +01:00
parent 8900bcec40
commit 2023f7731d
8 changed files with 84 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

1
test/cases/api.sh
View file

@ -1294,6 +1294,7 @@ EOF
cat <<EOF | sudo tee "/etc/osbuild-worker/osbuild-worker.toml"
[authentication]
oauth_url = http://localhost:8081/token
client_id = "rhsm-api"
offline_token = "/etc/osbuild-worker/token"
EOF

1
test/cases/multi-tenancy.sh
View file

@ -90,6 +90,7 @@ EOF
sudo tee "/etc/osbuild-worker/osbuild-worker.toml" >/dev/null <<EOF
[authentication]
oauth_url = "http://localhost:8081/token"
client_id = "rhsm-api"
offline_token = "/etc/osbuild-worker/token"
[koji.localhost.kerberos]