generated from hashicorp/terraform-provider-scaffolding
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #22 from hashicorp-dev-advocates/oidc
OIDC
Showing 19 changed files with 612 additions and 97 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
--- | ||
# generated by https://github.com/hashicorp/terraform-plugin-docs | ||
page_title: "waypoint_auth_method_oidc Resource - terraform-provider-waypoint" | ||
subcategory: "" | ||
description: |- | ||
Auth method OIDC resource manages OIDC auth methods in Waypoint. | ||
--- | ||
|
||
# waypoint_auth_method_oidc (Resource) | ||
|
||
Auth method OIDC resource manages OIDC auth methods in Waypoint. | ||
|
||
## Example Usage | ||
|
||
```terraform | ||
resource "waypoint_auth_method_oidc" "okta" { | ||
name = "my-oidc" | ||
display_name = "My OIDC Provider" | ||
client_id = "..." | ||
client_secret = "..." | ||
discovery_url = "https://my-oidc.provider/oauth2/default" | ||
allowed_redirect_urls = [ | ||
"https://localhost:9702/auth/oidc-callback", | ||
] | ||
auds = [ | ||
"..." | ||
] | ||
list_claim_mappings = { | ||
groups = "groups" | ||
} | ||
signing_algs = [ | ||
"rsa512" | ||
] | ||
discovery_ca_pem = [ | ||
"cert1.crt" | ||
] | ||
} | ||
``` | ||
|
||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Required | ||
|
||
- `allowed_redirect_urls` (List of String) Allowed URI for auth redirection. | ||
- `client_id` (String) Client ID of OIDC provider | ||
- `discovery_url` (String) Discovery URL for OIDC provider | ||
- `name` (String) name of OIDC auth method | ||
|
||
### Optional | ||
|
||
- `accessor_selector` (String) | ||
- `auds` (List of String) The optional audience claims required | ||
- `claim_mappings` (Map of String) Mapping of a claim to a variable value for the access selector | ||
- `client_secret` (String, Sensitive) client secret for OIDC provider | ||
- `description` (String) Description of auth method | ||
- `discovery_ca_pem` (List of String) Optional CA certificate chain to validate the discovery URL. Multiple CA certificates can be specified to support easier rotation | ||
- `display_name` (String) Friendly display name of OIDC auth method | ||
- `list_claim_mappings` (Map of String) Same as claim-mapping but for list values | ||
- `scopes` (List of String) The optional claims scope requested. | ||
- `signing_algs` (List of String) The signing algorithms supported by the OIDC connect server. If this isn't specified, this will default to RS256 since that should be supported according to the RFC. The string values here should be valid OIDC signing algorithms | ||
|
||
### Read-Only | ||
|
||
- `id` (String) The ID of this resource. | ||
|
||
|
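Review bot: In the Example Usage block, `signing_algs = ["rsa512"]` does not match the schema text below it, which says the values should be valid OIDC signing algorithms and names RS256 as the default; the example should use the same naming, e.g. `"RS512"`. `discovery_ca_pem = ["cert1.crt"]` reads as a file name while the schema describes a CA certificate chain, so show PEM content or `file("cert1.crt")` if that is what the provider expects. Under Optional, `accessor_selector` has no description and the `claim_mappings` text calls it the "access selector"; since this page is generated, both fixes belong in the schema descriptions.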
File renamed without changes.
File renamed without changes.
This file was deleted.
14 changes: 0 additions & 14 deletions
examples/resources/runner_profile_target_labels/resource.tf
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
resource "waypoint_auth_method_oidc" "okta" { | ||
name = "my-oidc" | ||
display_name = "My OIDC Provider" | ||
client_id = "..." | ||
client_secret = "..." | ||
discovery_url = "https://my-oidc.provider/oauth2/default" | ||
allowed_redirect_urls = [ | ||
"https://localhost:9702/auth/oidc-callback", | ||
] | ||
|
||
auds = [ | ||
"..." | ||
] | ||
|
||
list_claim_mappings = { | ||
groups = "groups" | ||
} | ||
|
||
signing_algs = [ | ||
"rsa512" | ||
] | ||
|
||
discovery_ca_pem = [ | ||
"cert1.crt" | ||
] | ||
} |
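Review bot: `client_secret = "..."` shows the secret as a string literal in the resource body; the generated docs mark this attribute as Sensitive, so the example should reference a variable declared with `sensitive = true` rather than model hard-coding it. The `"rsa512"` and `"cert1.crt"` values here are the same ones that appear in the generated docs example and need the same correction in this file.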
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
resource "waypoint_project" "example" { | ||
|
||
project_name = "example" | ||
remote_runners_enabled = false | ||
|
||
data_source_git { | ||
git_url = "https://github.com/hashicorp/waypoint-examples" | ||
git_path = "docker/go" | ||
git_ref = "HEAD" | ||
file_change_signal = "some-signal" | ||
git_poll_interval_seconds = 15 | ||
} | ||
|
||
app_status_poll_seconds = 12 | ||
|
||
project_variables = { | ||
name = "devopsrob" | ||
job = "dev-advocate" | ||
conference = "HashiConf EU 2022" | ||
} | ||
} | ||
|
||
##Git auth ssh example | ||
resource "waypoint_project" "example" { | ||
|
||
project_name = "example" | ||
remote_runners_enabled = true | ||
|
||
data_source_git { | ||
git_url = "https://github.com/hashicorp/waypoint-examples" | ||
git_path = "docker/go" | ||
git_ref = "HEAD" | ||
file_change_signal = "some-signal" | ||
git_poll_interval_seconds = 15 | ||
} | ||
|
||
app_status_poll_seconds = 12 | ||
|
||
project_variables = { | ||
name = "devopsrob" | ||
job = "dev-advocate" | ||
conference = "HashiConf EU 2022" | ||
} | ||
|
||
|
||
git_auth_ssh { | ||
git_user = "devops-rob" | ||
passphrase = "test-password" | ||
ssh_private_key = <<EOF | ||
-----BEGIN RSA PRIVATE KEY----- | ||
MIICXAIBAAKBgQCjcGqTkOq0CR3rTx0ZSQSIdTrDrFAYl29611xN8aVgMQIWtDB/ | ||
lD0W5TpKPuU9iaiG/sSn/VYt6EzN7Sr332jj7cyl2WrrHI6ujRswNy4HojMuqtfa | ||
b5FFDpRmCuvl35fge18OvoQTJELhhJ1EvJ5KUeZiuJ3u3YyMnxxXzLuKbQIDAQAB | ||
AoGAPrNDz7TKtaLBvaIuMaMXgBopHyQd3jFKbT/tg2Fu5kYm3PrnmCoQfZYXFKCo | ||
ZUFIS/G1FBVWWGpD/MQ9tbYZkKpwuH+t2rGndMnLXiTC296/s9uix7gsjnT4Naci | ||
5N6EN9pVUBwQmGrYUTHFc58ThtelSiPARX7LSU2ibtJSv8ECQQDWBRrrAYmbCUN7 | ||
ra0DFT6SppaDtvvuKtb+mUeKbg0B8U4y4wCIK5GH8EyQSwUWcXnNBO05rlUPbifs | ||
DLv/u82lAkEAw39sTJ0KmJJyaChqvqAJ8guulKlgucQJ0Et9ppZyet9iVwNKX/aW | ||
9UlwGBMQdafQ36nd1QMEA8AbAw4D+hw/KQJBANJbHDUGQtk2hrSmZNoV5HXB9Uiq | ||
7v4N71k5ER8XwgM5yVGs2tX8dMM3RhnBEtQXXs9LW1uJZSOQcv7JGXNnhN0CQBZe | ||
nzrJAWxh3XtznHtBfsHWelyCYRIAj4rpCHCmaGUM6IjCVKFUawOYKp5mmAyObkUZ | ||
f8ue87emJLEdynC1CLkCQHduNjP1hemAGWrd6v8BHhE3kKtcK6KHsPvJR5dOfzbd | ||
HAqVePERhISfN6cwZt5p8B3/JUwSR8el66DF7Jm57BM= | ||
-----END RSA PRIVATE KEY----- | ||
EOF | ||
} | ||
} |
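Review bot: The `git_auth_ssh` block embeds a complete RSA private key and `passphrase = "test-password"` as literals; even as test material this models inlining credentials in configuration, and a key committed to a repository has to be treated as disclosed. Replace both with references such as `var.ssh_private_key` and `var.passphrase` (declared sensitive), or `file(...)` on a path kept outside the repository. Both resources in this file are also declared as `waypoint_project` `"example"`, which Terraform rejects as a duplicate resource, and the SSH example still uses an `https://` `git_url`.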
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
## Example with runner labels | ||
resource "waypoint_runner_profile" "target_id" { | ||
profile_name = "example" | ||
oci_url = "hashicorp/waypoint-odr:latest" | ||
plugin_type = "docker" | ||
default = true | ||
target_runner_labels = { | ||
app = "payments" | ||
} | ||
|
||
environment_variables = { | ||
VAULT_ADDR = "https://localhost:8200" | ||
VAULT_CLIENT_TIMEOUT = "30s" | ||
} | ||
} | ||
|
||
## Example with runner id | ||
resource "waypoint_runner_profile" "example" { | ||
profile_name = "example" | ||
oci_url = "hashicorp/waypoint-odr:latest" | ||
plugin_type = "docker" | ||
default = true | ||
target_runner_id = "01G5GNJEYC7RVJNXFGMHD0HCDT" | ||
|
||
environment_variables = { | ||
VAULT_ADDR = "https://localhost:8200" | ||
VAULT_CLIENT_TIMEOUT = "30s" | ||
} | ||
} |
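Review bot: Both profiles set `oci_url = "hashicorp/waypoint-odr:latest"`; with a mutable tag the image that runs jobs can change without any change to this configuration, so the example should pin a version tag or digest. Both resources also use `profile_name = "example"` with `default = true`, and the resource labelled `"target_id"` is the one that sets `target_runner_labels`, so the profile names should be made distinct and the resource labels renamed to match what each example shows.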