-
Notifications
You must be signed in to change notification settings - Fork 2
/
onelogin.yml
70 lines (64 loc) · 1.95 KB
/
onelogin.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
- hosts: localhost
gather_facts: no
vars_files: private-vars.yml
tasks:
- name: get a onelogin oath2 token and base vars
import_role:
name: onelogin_token
vars:
onelogin_token_client_id: "{{ onelogin_client_id }}"
onelogin_token_client_secret: "{{ onelogin_client_secret }}"
tags: always
- name: get id of default role
include_role:
name: onelogin_role
apply:
tags: always
tags: always
- name: get base tower SAML configuration
include_role:
name: tower_saml
apply:
tags: always
vars:
tower_saml_host: "{{ tower_url }}"
tower_saml_username: "{{ tower_api_user }}"
tower_saml_password: "{{ tower_api_password }}"
tower_saml_vars_only: true
tags: always
- name: create/update onelogin app
include_role:
name: onelogin_app
apply:
tags: apps
vars:
onelogin_app_name: "{{ saml_app_name }}"
onelogin_app_description: "{{ saml_app_description }}"
onelogin_app_saml_consumer_url: "{{ tower_saml_callback_url }}"
onelogin_app_saml_recipient_url: "{{ tower_saml_callback_url }}"
onelogin_app_saml_audience: "{{ saml_audience }}"
tags: apps
- name: create/update onelogin users
include_role:
name: onelogin_user
apply:
tags: users
vars:
onelogin_user_data: "{{user_data}}"
onelogin_user_role_id: "{{ onelogin_role_default_id }}"
tags: users
- name: complete tower configuration
include_role:
name: tower_saml
apply:
tags: tower
vars:
tower_saml_host: "{{ tower_url }}"
tower_saml_username: "{{ tower_api_user }}"
tower_saml_password: "{{ tower_api_password }}"
tower_saml_audience: "{{ saml_audience }}"
tower_saml_issuer_metadata_url: "{{ onelogin_app_issuer_url }}"
tower_saml_endpoint_url: "{{ onelogin_app_acs_url }}"
tower_saml_cert: "{{ onelogin_app_certificate_str }}"
tags: tower
...