To solve the problem of oes-SAPOR and spinnaker’s spin-gate communication, the following model is being proposed.
- Create another gate called “sapor-gate”, which is essentially a replica of spin-gate
- Replace the authentication of this gate with “basic authentication”, allowing us to provide a username and a password.
- Basic authentication takes a username and a password. Only the “username” needs to match the admin-user in the real, authenticated spin-gate. Password can be any generic password as only oes-sapor would use it to communicate with the sapor-gate
All these steps can be done by cloning this repo and following the steps below.
- quay.io/opsmxpublic/ubi8-oes-sapor:v3.6.2.1
- kubectl set image deployment/oes-sapor oes-sapor=quay.io/opsmxpublic/ubi8-oes-sapor:v3.6.2.1
- spinnaker.yml: baseUrl: redis://:password@oes-redis-master:6379 --- Redis URL
Edit gate-local.yml and edit the username and password, in plain text
- kubectl delete secret sapor-gate-files IF THIS EXISTS
- kubectl create secret generic sapor-gate-files --from-file gate-local.yml --from-file gate-overrides.yml --from-file gate.yml --from-file sapor-gate-svc.yaml --from-file spinnakerconfig.yml --from-file spinnaker.yml --dry-run -o yaml > basic-auth-secret.yaml
- kubectl apply -f basic-auth-secret.yaml
- kubectl apply -f basic-auth-gate.yaml
- kubectl apply -f sapor-gate-svc.yaml
- echo -ne "username:password" | base64 -w0 REPLACE username:password as appropriate
- use http://sapor-gate:8084 as the spinnaker url
- Select LDAP, and enter password as the base64 encoded string above
Once saved, please wait for two minutes and click on Setup->Application->Sync Spinnaker Applications (top right)