docs: add harbor integration, cleanup

This commit is contained in:
Jens Langhammer 2019-12-13 15:36:09 +01:00
parent 6a520a5697
commit 307b04f4ca
4 changed files with 50 additions and 9 deletions

View File

@ -1,6 +1,12 @@
# GitLab Integration
GitLab can authenticate against passbook using SAML.
## What is GitLab
From https://about.gitlab.com/what-is-gitlab/
```
GitLab is a complete DevOps platform, delivered as a single application. This makes GitLab unique and makes Concurrent DevOps possible, unlocking your organization from the constraints of a pieced together toolchain. Join us for a live Q&A to learn how GitLab can give you unmatched visibility and higher levels of efficiency in a single application across the DevOps lifecycle.
```
## Preparation
@ -11,9 +17,9 @@ The following placeholders will be used:
Create an application in passbook and note the slug, as this will be used later. Create a SAML Provider with the following Parameters:
- `ACS URL`: https://gitlab.company/users/auth/saml/callback
- `Audience`: https://gitlab.company
- `Issuer`: https://gitlab.company
- ACS URL: `https://gitlab.company/users/auth/saml/callback`
- Audience: `https://gitlab.company`
- Issuer: `https://gitlab.company`
You can of course use a custom Signing Certificate, and adjust the Assertion Length. To get the value for `idp_cert_fingerprint`, you can use a tool like [this](https://www.samltool.com/fingerprint.php).

Binary file not shown.

After

Width:  |  Height:  |  Size: 348 KiB

View File

@ -0,0 +1,28 @@
# Harbor Integration
## What is Harbor
From https://goharbor.io
```
Harbor is an open source container image registry that secures images with role-based access control, scans images for vulnerabilities, and signs images as trusted. A CNCF Incubating project, Harbor delivers compliance, performance, and interoperability to help you consistently and securely manage images across cloud native compute platforms like Kubernetes and Docker.
```
## Preparation
The following placeholders will be used:
- `harbor.company` is the FQDN of the Harbor Install
- `passbook.company` is the FQDN of the passbook Install
Create an application in passbook. Create an OpenID Provider with the following Parameters:
- Client Type: `Confidential`
- Response types: `code (Authorization Code Flow)`
- JWT Algorithm: `RS256`
- Redirect URIs: `https://harbor.company/c/oidc/callback`
- Scopes: `openid`
## Harbor
![](./harbor.png)

View File

@ -1,6 +1,13 @@
# Rancher Integration
Rancher can authenticate against passbook using SAML.
## What is Rancher
From https://rancher.com/products/rancher
```
An Enterprise Platform for Managing Kubernetes Everywhere
Rancher is a platform built to address the needs of the DevOps teams deploying applications with Kubernetes, and the IT staff responsible for delivering an enterprise-critical service.
```
## Preparation
@ -11,12 +18,12 @@ The following placeholders will be used:
Create an application in passbook and note the slug, as this will be used later. Create a SAML Provider with the following Parameters:
- `ACS URL`: https://rancher.company/v1-saml/adfs/saml/acs
- `Audience`: https://rancher.company/v1-saml/adfs/saml/metadata
- `Issuer`: passbook
- ACS URL: `https://rancher.company/v1-saml/adfs/saml/acs`
- Audience: `https://rancher.company/v1-saml/adfs/saml/metadata`
- Issuer: `passbook`
You can of course use a custom Signing Certificate, and adjust the Assertion Length.
## Rancher
![aaa](./rancher.png)
![](./rancher.png)