@making's memo

All Categories All Tags Premium (Beta)


Cloud FoundryのUAAでConcourseのチーム機能を使う

Edit History

memo

基本的にはhttp://concourse.ci/teams.html#section_uaa-cf-authの通り。

まずはUAAのクライアント作成

uaac client add concourse-atc \
  --name concourse-atc \
  --secret <concourse-client-secret> \
  --authorized_grant_types authorization_code,client_credentials,refresh_token \
  --authorities cloud_controller.admin \
  --scope cloud_controller.read \
  --access_token_validity 3600 \
  --refresh_token_validity 36000 \
  --redirect_uri https://<concourse domain>/auth/uaa/callback \
  --autoapprove true

次にConcourseのチーム作成

fly -t <target> set-team -n <team>   \
    --basic-auth-username=admin \
    --basic-auth-password=admin \
    --uaa-auth-client-id concourse-atc \
    --uaa-auth-client-secret <concourse-client-secret> \
    --uaa-auth-auth-url https://login.<system domain>/oauth/authorize \
    --uaa-auth-token-url https://login.<system domain>/oauth/token \
    --uaa-auth-cf-url https://api.<system domain> \
    --uaa-auth-cf-space <space uuid> \
    --uaa-auth-cf-ca-cert ~/xxxx.crt

uaa-auth-cf-ca-certは自己証明書を使っている場合に必要

このエントリーをはてなブックマークに追加