IK.AM

@making's tech note

Cloud FoundryのUAAでConcourseのチーム機能を使う

🗃 {Dev/CI/ConcourseCI}
🏷 Concourse CI 🏷 Cloud Foundry 
🗓 Updated at 2017-12-20T02:32:23Z  🗓 Created at 2017-03-27T02:22:36Z   🌎 English Page

memo

基本的にはhttp://concourse.ci/teams.html#section_uaa-cf-authの通り。

まずはUAAのクライアント作成

uaac client add concourse-atc \
  --name concourse-atc \
  --secret <concourse-client-secret> \
  --authorized_grant_types authorization_code,refresh_token \
  --scope cloud_controller.read \
  --access_token_validity 3600 \
  --refresh_token_validity 36000 \
  --redirect_uri https://<concourse domain>/auth/uaa/callback \
  --autoapprove true

次にConcourseのチーム作成

fly -t <target> set-team -n <team>   \
    --basic-auth-username=admin \
    --basic-auth-password=admin \
    --uaa-auth-client-id concourse-atc \
    --uaa-auth-client-secret <concourse-client-secret> \
    --uaa-auth-auth-url https://login.<system domain>/oauth/authorize \
    --uaa-auth-token-url https://login.<system domain>/oauth/token \
    --uaa-auth-cf-url https://api.<system domain> \
    --uaa-auth-cf-space <space uuid> \
    --uaa-auth-cf-ca-cert ~/xxxx.crt

uaa-auth-cf-ca-certは自己証明書を使っている場合に必要

✒️️ Edit  ⏰ History  🗑 Delete