Skip to content

Commit

Permalink
chore: use new Auth0 app for CI
Browse files Browse the repository at this point in the history
Store client ID and domain encrypted.

Signed-off-by: Artem Chernyshev <[email protected]>
  • Loading branch information
Unix4ever committed May 6, 2024
1 parent 23d5532 commit f40c552
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 6 deletions.
6 changes: 4 additions & 2 deletions .secrets.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
secrets:
AUTH0_TEST_USERNAME: ENC[AES256_GCM,data:lPddHbDVfWxaEW7ujLDnWdhIBMFj2hcp,iv:oG3Ebn8ym7g/Z7L3A3BTHRHIk+zzblZKvzMKYMPSfWI=,tag:wV7xJWbnLrj/UWj0fGGQCw==,type:str]
AUTH0_TEST_PASSWORD: ENC[AES256_GCM,data:3tgQjqv5ktdnnGUQw5Lpuw==,iv:F8zYxqk5P0tV1Pvt6QBlho8H0wuX+K91pgwLzF+4kC8=,tag:HJ4s14d/u2KyP780wFDk/w==,type:str]
AUTH0_CLIENT_ID: ENC[AES256_GCM,data:HevA8uFKCOPF8W/FRjSo/pyUFN66eXwvAxaqT5LdnT0=,iv:qpWNjsRSZ28lWQJGfMoGQvLY8KRKWv1dhR07vCgIvIU=,tag:x5BS26iacdBMv2ZkdCdr3A==,type:str]
AUTH0_DOMAIN: ENC[AES256_GCM,data:2vv9ay+hC1kN46MG8E0v1Z3G7Dm0hMmLx1/AWg==,iv:9thZflFQ1yhf0jH3u6Om7RV7Y/qYzrTf82hoYrDvyG0=,tag:BUNuHJobt/NoR5FFQBIbIQ==,type:str]
sops:
kms: []
gcp_kms: []
Expand All @@ -16,8 +18,8 @@ sops:
NXI3VkxLU0htQUZ0Ry8rYUpLTnNXYlkKzfLUus7SkKBEj+oG3f7NBe+6UVidpxRd
OvOSqsACIUJJnRdfs8/X5Jbvruz38Zt3dYR436NFo2IHtYUdHIHO3Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-18T17:04:12Z"
mac: ENC[AES256_GCM,data:5/rb0mtPxV7llLsWZYKpRw6EZptcLCcBCl9g5De1z7IBfvFnvs/kiZr2Q/mZtewveVACEuy9K+cy4hPuf1o1QjdVhrLh+nMj5rb0WQtuHDMhEI8Jz/BEJoXvkg29UE3Ow09n4BCo3aQ0y9v+Lep5Y16HlYzo5HLHvU+vuGXL+zw=,iv:YQyTbs0E8sylUP4nAnDCVn452Cw44YSD5vGJeNngHzc=,tag:hSVilzB800vvjv7bb12klg==,type:str]
lastmodified: "2024-05-06T09:52:57Z"
mac: ENC[AES256_GCM,data:4qmhG/liKJdnEBxvvnxnpb9xJpS8GGjCAHGUVM4dGtYY5+TkfgnSQyvVdg88Ag16nMDTBEeRJO6VfOYD/Wx/PfIYnajhxRm3ZYuPPSJ5t0LGqRryUtR9vJTtHuTew5gjX8FCTvjiGJzqcfTiq11HhN3Xyu7VNwwan50QUvz5oKY=,iv:Rc0/1kH74ahBkNygwFrOZymWMnPj3VCQZ7wBi1d7Rzc=,tag:Cgdjhlc24S2gklSKYe5mPw==,type:str]
pgp:
- created_at: "2024-04-18T18:21:00Z"
enc: |-
Expand Down
8 changes: 6 additions & 2 deletions hack/generate-certs.example.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,13 @@ email: [email protected]
host: localhost
additional-hosts: []
bind_addr: 0.0.0.0:443
client-id: jS47T064CfFE1IqqIYZ8HfYLkZhFoa1Y
auth0-domain: sidero-omni-dev.us.auth0.com
pprof-bind-addr: 0.0.0.0:2135

# auth0 client id and domain is used to enable authentication flow
# you can create a free dev account in Auth0 and create an app there
# client-id: <client-id>
# auth0-domain: <auth0-domain>

# registry-mirrors: # optional, but speeds up deployments a lot
# docker.io: http://172.20.0.1:5000
# k8s.gcr.io: http://172.20.0.1:5001
Expand Down
6 changes: 4 additions & 2 deletions hack/test/integration.sh
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,8 @@ export AUTH_USERNAME="${AUTH0_TEST_USERNAME}"
export AUTH_PASSWORD="${AUTH0_TEST_PASSWORD}"
export BASE_URL=https://localhost:8099/
export VIDEO_DIR=""
export AUTH0_CLIENT_ID="${AUTH0_CLIENT_ID}"
export AUTH0_DOMAIN="${AUTH0_DOMAIN}"

# Create omnictl downloads directory (required by the server) and copy the omnictl binaries in it.
mkdir -p omnictl
Expand All @@ -97,8 +99,8 @@ nice -n 10 ${ARTIFACTS}/omni-linux-amd64 \
--siderolink-api-advertised-url "grpc://$LOCAL_IP:8090" \
--auth-auth0-enabled true \
--advertised-api-url "${BASE_URL}" \
--auth-auth0-client-id jS47T064CfFE1IqqIYZ8HfYLkZhFoa1Y \
--auth-auth0-domain sidero-omni-dev.us.auth0.com \
--auth-auth0-client-id "${AUTH0_CLIENT_ID}" \
--auth-auth0-domain "${AUTH0_DOMAIN}" \
--initial-users "${AUTH_USERNAME}" \
--private-key-source "vault://secret/omni-private-key" \
--public-key-files "internal/backend/runtime/omni/testdata/pgp/new_key.public" \
Expand Down

0 comments on commit f40c552

Please sign in to comment.