Zum Inhalt

Guide for Administrators

Grant Access via a auth provider for Kubernetes

Setup a new Application Token

Add the gitlab auth provider

oauthConfig:
  assetPublicURL: https://openshift.XXX.xrow.net:8443/console/
  grantConfig:
    method: auto
  identityProviders:
  - challenge: true
    login: true
    mappingMethod: lookup
    name: gitlab
    provider:
      apiVersion: v1
      clientID: XXX
      clientSecret: XXX
      kind: GitLabIdentityProvider
      legacy: false
      url: https://gitlab.com/

Map an identity

Create a cluster admin user

oc create identity gitlab:44745
oc create useridentitymapping gitlab:44745 admin

Create a namespace admin

oc create identity gitlab:44745
oc create user service@xrow.de --full-name="xrow GmbH"
oc policy add-role-to-user admin service@xrow.de -n project-name-production
oc create useridentitymapping gitlab:44745 service@xrow.de

Create a namespace developer:

Uses the special role developer-operator-developer.

oc create identity gitlab:44745
oc create user service@xrow.de --full-name="xrow GmbH"
oc policy add-role-to-user developer-operator-developer service@xrow.de -n project-name-production
oc create useridentitymapping gitlab:44745 service@xrow.de

Revoke access

oc delete useridentitymapping gitlab:44745