| #!/bin/bash | |
| # /api | |
| GROUP="" | |
| for VERSION in `oc get --raw /api | jq -r .versions[] | sort`; | |
| do | |
| echo "- apiGroups:" | |
| echo " - $GROUP" | |
| for RESOURCE in `oc get --raw /api/${VERSION} | jq -r .resources[].name | sort`; |
As an ops person, you need a GPG key associated with your @redhat.com email address and distributed to a public keyserver such as pgp.mit.edu.
More information on specific steps can currently be found starting here, or via a web search: https://www.gnupg.org/gph/en/manual/c14.html
If you are creating a new GPG key, make sure it's 4096 bits long. If you're sure you want to re-use an existing key, you may do so. 4096 bits is preferred,
| Assumes you have an OCP 4.x cluster already created and you are logged in. | |
| A few gotyas: | |
| * Do not use spaces in your callback name. In this example it's called "github". | |
| * If you want to use a team, the format in the config (not shown here) is "<ORGANIZATION_NAME>/<TEAM_NAME>" | |
| # Create github oauth app with: | |
| # hostname | |
| echo "https://`oc get routes -n openshift-console | grep -v NAME | awk '{print $2}'`" |
| apiVersion: hive.openshift.io/v1alpha1 | |
| kind: SelectorSyncSet | |
| metadata: | |
| annotations: | |
| kubectl.kubernetes.io/last-applied-configuration: | | |
| {"apiVersion":"hive.openshift.io/v1alpha1","kind":"SelectorSyncSet","metadata":{"annotations":{},"labels":{"managed.openshift.io/gitHash":"3213669","managed.openshift.io/gitRepoName":"managed-cluster-config","managed.openshift.io/osd":"true"},"name":"osd-logging","namespace":""},"spec":{"clusterDeploymentSelector":{"matchLabels":{"api.openshift.com/managed":"true"}},"resourceApplyMode":"sync","resources":[{"apiVersion":"operators.coreos.com/v1","kind":"CatalogSourceConfig","metadata":{"name":"installed-redhat-openshift-logging","namespace":"openshift-marketplace"},"spec":{"csDisplayName":"Red Hat Operators","csPublisher":"Red | |
| Hat","packages":"cluster-logging","targetNamespace":"openshift-logging"}},{"apiVersion":"operators.coreos.com/v1","kind":"CatalogSourceConfig","metadata":{"name":"installed-redhat-openshift-operators","namespace":"openshift-marketplace"},"sp |
| PASSWORD= | |
| CLUSTER_NAME= | |
| CLUSTER_NAMESPACE= | |
| touch htpasswd | |
| htpasswd -b htpasswd customer-admin $PASSWORD | |
| htpasswd -b htpasswd customer-user $PASSWORD | |
| oc create secret generic htpasswd-secret --from-file=htpasswd=htpasswd -n openshift-config --dry-run -o yaml > htpasswd-secret.yaml |
| #!/bin/bash | |
| # /api | |
| GROUP="" | |
| for VERSION in `oc get --raw /api | jq -r .versions[] | sort`; | |
| do | |
| echo "- apiGroups:" | |
| echo " - $GROUP" | |
| for RESOURCE in `oc get --raw /api/${VERSION} | jq -r .resources[].name | sort`; |
| apiVersion: hive.openshift.io/v1alpha1 | |
| kind: SelectorSyncSet | |
| metadata: | |
| generation: 1 | |
| name: osd-oauth-templates | |
| spec: | |
| clusterDeploymentSelector: | |
| matchLabels: | |
| api.openshift.com/managed: "true" | |
| resourceApplyMode: sync |
| #!/bin/bash | |
| CLUSTER_NAME=$1 | |
| PASSWORD=$2 | |
| IDENTITY_ID=aos-sre | |
| IDENTITY_NAME="Red Hat SRE Test Auth" | |
| if [ "$CLUSTER_NAME" == "" ]; | |
| then |
| htpasswd -c -b htpasswd $USER $PASSWORD | |
| oc delete secret htpass-secret -n openshift-config | |
| oc create secret generic htpass-secret --from-file=htpasswd=htpasswd -n openshift-config | |
| git clone git@github.com:openshift/online.git --depth=1 -b prod | |
| oc delete secret -n openshift-config oauth-templates | |
| oc create secret generic oauth-templates -n openshift-config \ | |
| --from-file=login.html=online/ansible/roles/oso_custom_templates/files/dedicated/login.html \ | |
| --from-file=providers.html=online/ansible/roles/oso_custom_templates/files/dedicated/provider-selection.html \ |
| #!/bin/bash | |
| CLUSTER_NAME=$1 | |
| PASSWORD=$2 | |
| if [ "$CLUSTER_NAME" == "" ] || [ "$PASSWORD" == "" ]; | |
| then | |
| echo "Usage: $0 <Cluster Name> <\$USER password>" | |
| exit 1 | |
| fi |