Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Visibility in Automate via Chef Server #148

Closed
chris-rock opened this issue Nov 7, 2016 · 1 comment

Comments

@chris-rock
Copy link
Contributor

commented Nov 7, 2016

Cookbook version

2.0

Scenario:

Customers use the latest version of Automate that allows users to send reports to Visibility Data Collector API via Chef Server. This increases security, since all requests are signed now. The audit cookbook should support that scenario

Solution

As discussed with @alexpop, we are two different endpoints that are being used based on the setup. We have the following flows:

  1. chef-client (with dc_token) —> chef-server(/data-collector/) —> chef-automate authenticates using dc_token from client
  2. chef-client —> chef-server(/organizations/ORG/data-collector) —> chef-automate authenticates using dc_token added by chef-server after verifying the client

The first flow is already implemented. We need to add support for the second flow.

  • /data-collector/ requires dc_token
  • /organizations/([^/]+)/data-collector requires chef signed headers
@chris-rock

This comment has been minimized.

Copy link
Contributor Author

commented Nov 28, 2016

fixed via #163

@chris-rock chris-rock closed this Nov 28, 2016

@chris-rock chris-rock removed the ready label Nov 28, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.