GitLab is an oidcTokenProvider
Signed-off-by: Jamie Klassen <jklassen@vmware.com>
This commit is contained in:
@@ -0,0 +1,5 @@
|
||||
---
|
||||
'@backstage/plugin-kubernetes': patch
|
||||
---
|
||||
|
||||
GitLab can now be used as an `oidcTokenProvider` for Kubernetes clusters
|
||||
@@ -18,7 +18,11 @@ Settings for local development:
|
||||
|
||||
- Name: Backstage (or your custom app name)
|
||||
- Redirect URI: `http://localhost:7007/api/auth/gitlab/handler/frame`
|
||||
- Scopes: `read_api` and `read_user`
|
||||
- Scopes: `read_user` for sign-in. If you also need ID tokens (e.g. if you are
|
||||
using the Kubernetes plugin and have clusters with `authProvider: oidc` and
|
||||
[`oidcTokenProvider:
|
||||
gitlab`](https://backstage.io/docs/features/kubernetes/configuration/#clustersoidctokenprovider-optional)),
|
||||
add the `openid` scope.
|
||||
|
||||
## Configuration
|
||||
|
||||
|
||||
@@ -160,8 +160,9 @@ auth:
|
||||
audience: ${AUTH_OKTA_AUDIENCE}
|
||||
```
|
||||
|
||||
The following values are supported out-of-the-box by the frontend: `google`, `microsoft`,
|
||||
`okta`, `onelogin`.
|
||||
The following values are supported out-of-the-box by the frontend: `gitlab` (the
|
||||
application whose `clientId` is used by the auth provider should be granted the
|
||||
`openid` scope), `google`, `microsoft`, `okta`, `onelogin`.
|
||||
|
||||
Take note that `oidcTokenProvider` is just the issuer for the token, you can use any
|
||||
of these with an OIDC enabled cluster, like using `microsoft` as the issuer for a EKS
|
||||
|
||||
@@ -23,6 +23,7 @@ import {
|
||||
createRouteRef,
|
||||
discoveryApiRef,
|
||||
identityApiRef,
|
||||
gitlabAuthApiRef,
|
||||
googleAuthApiRef,
|
||||
microsoftAuthApiRef,
|
||||
oktaAuthApiRef,
|
||||
@@ -49,18 +50,21 @@ export const kubernetesPlugin = createPlugin({
|
||||
createApiFactory({
|
||||
api: kubernetesAuthProvidersApiRef,
|
||||
deps: {
|
||||
gitlabAuthApi: gitlabAuthApiRef,
|
||||
googleAuthApi: googleAuthApiRef,
|
||||
microsoftAuthApi: microsoftAuthApiRef,
|
||||
oktaAuthApi: oktaAuthApiRef,
|
||||
oneloginAuthApi: oneloginAuthApiRef,
|
||||
},
|
||||
factory: ({
|
||||
gitlabAuthApi,
|
||||
googleAuthApi,
|
||||
microsoftAuthApi,
|
||||
oktaAuthApi,
|
||||
oneloginAuthApi,
|
||||
}) => {
|
||||
const oidcProviders = {
|
||||
gitlab: gitlabAuthApi,
|
||||
google: googleAuthApi,
|
||||
microsoft: microsoftAuthApi,
|
||||
okta: oktaAuthApi,
|
||||
|
||||
Reference in New Issue
Block a user