Skip to content

Commit

Permalink
[CloudBank] Demo Hub: Test GitHub Auth
Browse files Browse the repository at this point in the history
  • Loading branch information
sean-morris committed Jul 12, 2023
1 parent 64b90ef commit deb561e
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 13 deletions.
2 changes: 1 addition & 1 deletion config/clusters/cloudbank/cluster.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ hubs:
helm_chart_values_files:
- common.values.yaml
- demo.values.yaml
- enc-demo.secret.values.yaml
- enc-demo-git.secret.values.yaml
- name: fresno
display_name: "Fresno City College"
domain: fresno.cloudbank.2i2c.cloud
Expand Down
36 changes: 24 additions & 12 deletions config/clusters/cloudbank/demo.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,21 +35,33 @@ jupyterhub:
hub:
config:
JupyterHub:
authenticator_class: cilogon
CILogonOAuthenticator:
authenticator_class: github
GitHubOAuthenticator:
oauth_callback_url: https://demo.cloudbank.2i2c.cloud/hub/oauth_callback
username_claim: email
allowed_organizations:
- 2i2c-org
- ahs-cs-a
scope:
- read:user
Authenticator:
# These folks should still have admin tho
admin_users:
- [email protected]
- [email protected]
- [email protected]
# We only want 2i2c users and users with .edu emails to sign up
# Protects against cryptominers - https://github.com/2i2c-org/infrastructure/issues/1216
# FIXME: This doesn't account for educational institutions that have emails that don't end in .edu,
# as is the case for some non-euroamerican universities.
username_pattern: '^(.+@2i2c\.org|.+\.edu|kalkeab@gmail\.com|deployment-service-check)$'
- sean-morris
# JupyterHub:
# authenticator_class: cilogon
# CILogonOAuthenticator:
# oauth_callback_url: https://demo.cloudbank.2i2c.cloud/hub/oauth_callback
# username_claim: email
# Authenticator:
# # These folks should still have admin tho
# admin_users:
# - [email protected]
# - [email protected]
# - [email protected]
# # We only want 2i2c users and users with .edu emails to sign up
# # Protects against cryptominers - https://github.com/2i2c-org/infrastructure/issues/1216
# # FIXME: This doesn't account for educational institutions that have emails that don't end in .edu,
# # as is the case for some non-euroamerican universities.
# username_pattern: '^(.+@2i2c\.org|.+\.edu|kalkeab@gmail\.com|deployment-service-check)$'
cull:
# Cull after 30min of inactivity
every: 300
Expand Down
20 changes: 20 additions & 0 deletions config/clusters/cloudbank/enc-demo-git.secret.values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
jupyterhub:
hub:
config:
GitHubOAuthenticator:
client_id: ENC[AES256_GCM,data:hUklCIxzn0DcTn/8wAvOsjjhbPQ=,iv:3Q8M39+RWKsFW1zoYwtfcKwgyqrCn0gD5kCYpV34f9s=,tag:3X8XVvk7R7CZ8A9r7c6Xyw==,type:str]
client_secret: ENC[AES256_GCM,data:KH39Ztj5k2y8O1isRUlq+C7HTKLZL3bKNMACHTDf1b/+Oj02ugimdQ==,iv:DziFESpFqBbW9G7DNfc/hGASWtwbWllJwfN+UBEbkFI=,tag:YaO3M2Qm5O+/Xr/wt/p+IQ==,type:str]
sops:
kms: []
gcp_kms:
- resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
created_at: "2023-07-12T20:19:09Z"
enc: CiUA4OM7eJBb2i/RPXWo7DMEXza9Vju41ArGS8HMJVjCqNMOIaizEkkAyiwFHAiA3YVIV/4nAQ16WlStbzseuh0zo+TPrytupbVkm1XoaGopSE+ALGwPeZOfb5Jsjd7PcW9U4NfT9utJEaES4pi89hnz
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-07-12T20:19:09Z"
mac: ENC[AES256_GCM,data:gx+rKkMlzVRJhA5mD4AJ8IYPqUhSUiADZQaSzyrnIfh1P/45sdPE5oQsLpQvHFo7DU2n0D8igS6BFl/6vVNkKTtC4Bybqyryqg2MY0+lsRwKW6yzID0AqfkkBl1f9zh7wHD2nLmn4ysH97roxIjWGUh1bLrk4fg5w6PxrIO5Z9g=,iv:pzl2CJ8EhPWUkJDFR/yP55Ly9pbl26AoPFWokrAzBrE=,tag:JKEjUqeVrEUZoq9tMaY+Fw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.1

0 comments on commit deb561e

Please sign in to comment.