mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
61 lines
2.4 KiB
Plaintext
61 lines
2.4 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * osd_install_access_delete_cluster/config-identity-providers.adoc
|
|
// * rosa_install_access_delete_clusters/rosa-sts-config-identity-providers.adoc
|
|
// * rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-config-identity-providers.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="config-gitlab-idp_{context}"]
|
|
= Configuring a GitLab identity provider
|
|
|
|
|
|
Configure a GitLab identity provider to use link:https://gitlab.com/[GitLab.com] or any other GitLab instance as an identity provider.
|
|
|
|
.Prerequisites
|
|
|
|
- If you use GitLab version 7.7.0 to 11.0, you connect using the link:http://doc.gitlab.com/ce/integration/oauth_provider.html[OAuth integration]. If you use GitLab version 11.1 or later, you can use link:https://docs.gitlab.com/ce/integration/openid_connect_provider.html[OpenID Connect] (OIDC) to connect instead of OAuth.
|
|
|
|
.Procedure
|
|
|
|
. From {cluster-manager-url}, navigate to the *Cluster List* page and select the cluster that you need to configure identity providers for.
|
|
|
|
. Click the *Access control* tab.
|
|
|
|
. Click *Add identity provider*.
|
|
+
|
|
[NOTE]
|
|
====
|
|
You can also click the *Add Oauth configuration* link in the warning message displayed after cluster creation to configure your identity providers.
|
|
====
|
|
|
|
. Select *GitLab* from the drop-down menu.
|
|
|
|
. Enter a unique name for the identity provider. This name cannot be changed later.
|
|
** An *OAuth callback URL* is automatically generated in the provided field. You will provide this URL to GitLab.
|
|
+
|
|
----
|
|
https://oauth-openshift.apps.<cluster_name>.<cluster_domain>/oauth2callback/<idp_provider_name>
|
|
----
|
|
+
|
|
For example:
|
|
+
|
|
----
|
|
https://oauth-openshift.apps.openshift-cluster.example.com/oauth2callback/gitlab
|
|
----
|
|
|
|
. link:https://docs.gitlab.com/ee/integration/oauth_provider.html[Add a new application in GitLab].
|
|
|
|
. Return to {product-title} and select a mapping method from the drop-down menu. *Claim* is recommended in most cases.
|
|
|
|
. Enter the *Client ID* and *Client secret* provided by GitLab.
|
|
|
|
. Enter the *URL* of your GitLab provider.
|
|
|
|
. Optional: You can use a certificate authority (CA) file to validate server certificates for the configured GitLab URL. Click *Browse* to locate and attach a *CA file* to the identity provider.
|
|
|
|
. Click *Confirm*.
|
|
|
|
.Verification
|
|
|
|
* The configured identity provider is now visible on the *Access control* tab of the *Cluster List* page.
|