NOTE
Generate client_credentials for the image builder service for fedorainfracloud.org, the production environment this time.
Client id for the service to contact fedora oidc sso for token introspection: consolerhc
Client id for clients/users: consolehrc-cli
Context: https://discussion.fedoraproject.org/t/image-builder-for-fedora/92925/24
Similar to https://pagure.io/fedora-infrastructure/issue/11693
When it suits you.
Metadata Update from @zlopez: - Issue priority set to: Waiting on Assignee (was: Needs Review) - Issue tagged with: low-gain, low-trouble, ops
Do I understand it correctly, that you need two entries? One for consolerhc and second for consolerhc-ci
consolerhc
consolerhc-ci
That's correct! One for the service to authenticate itself and do token introspection, and one for clients connecting to it (consolerhc-cli). I can't remember if they're set up the exact same way. I think the stage setup is correct so it would just be the same thing but on production.
Metadata Update from @zlopez: - Issue assigned to zlopez
I created the OIDC credentials for production based on the staging entries. How did you get the client secrets last time?
Metadata Update from @zlopez: - Issue priority set to: Waiting on Reporter (was: Waiting on Assignee)
Would you be ok with a gpg encrypted message? https://github.com/croissanne.gpg
I sent you e-mail with attachment encrypted by your GPG key. Hopefully I did it correctly and you will be able to decrypt it. Let me know if everything is working.
Received and was able to read them, thank you! Ok with marking them as fixed :)
Closing the issue now. Feel free to reopen it if something doesn't work as it should.
Metadata Update from @zlopez: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.