docs: update sentry and awx integrations
This commit is contained in:
parent
fe4a0c3b44
commit
d8530f238d
Binary file not shown.
After Width: | Height: | Size: 316 KiB |
|
@ -15,27 +15,31 @@ From https://sentry.io
|
||||||
|
|
||||||
The following placeholders will be used:
|
The following placeholders will be used:
|
||||||
|
|
||||||
- `sentry.company` is the FQDN of the Sentry install.
|
- `sentry.company` is the FQDN of the Sentry install.
|
||||||
- `passbook.company` is the FQDN of the passbook install.
|
- `passbook.company` is the FQDN of the passbook install.
|
||||||
|
|
||||||
Create an application in passbook. Create an OpenID provider with the following parameters:
|
Create an application in passbook. Create a SAML Provider with the following values
|
||||||
|
|
||||||
- Client Type: `Confidential`
|
- ACS URL: `https://sentry.company/saml/acs/<sentry organisation name>/`
|
||||||
- Response types: `code (Authorization Code Flow)`
|
- Audience: `https://sentry.company/saml/metadata/<sentry organisation name>/`
|
||||||
- JWT Algorithm: `RS256`
|
- Issuer: `passbook`
|
||||||
- Redirect URIs: `https://sentry.company/auth/sso/`
|
- Service Provider Binding: `Post`
|
||||||
- Scopes: `openid email`
|
- Property Mapping: Select all Autogenerated Mappings
|
||||||
|
|
||||||
## Sentry
|
## Sentry
|
||||||
|
|
||||||
**This guide assumes you've installed Sentry using [getsentry/onpremise](https://github.com/getsentry/onpremise)**
|
**This guide assumes you've installed Sentry using [getsentry/onpremise](https://github.com/getsentry/onpremise)**
|
||||||
|
|
||||||
- Add `sentry-auth-oidc` to `onpremise/sentry/requirements.txt` (Create the file if it doesn't exist yet)
|
Navigate to Settings -> Auth, and click on Configure next to SAML2
|
||||||
- Add the following block to your `onpremise/sentry/sentry.conf.py`:
|
|
||||||
```
|
![](./auth.png)
|
||||||
OIDC_ISSUER = "passbook"
|
|
||||||
OIDC_CLIENT_ID = "<Client ID from passbook>"
|
In passbook, get the Metadata URL by right-clicking `Download Metadata` and selecting Copy Link Address, and paste that URL into Sentry.
|
||||||
OIDC_CLIENT_SECRET = "<Client Secret from passbook>"
|
|
||||||
OIDC_SCOPE = "openid email"
|
On the next screen, input these Values
|
||||||
OIDC_DOMAIN = "https://passbook.company/application/oidc/"
|
|
||||||
```
|
IdP User ID: `urn:oid:0.9.2342.19200300.100.1.1`
|
||||||
|
User Email: `urn:oid:0.9.2342.19200300.100.1.3`
|
||||||
|
First Name: `urn:oid:2.5.4.3`
|
||||||
|
|
||||||
|
After confirming, Sentry will authenticate with passbook, and you should be redirected back to a page confirming your settings.
|
||||||
|
|
|
@ -16,14 +16,15 @@ From https://docs.ansible.com/ansible/2.5/reference_appendices/tower.html
|
||||||
|
|
||||||
The following placeholders will be used:
|
The following placeholders will be used:
|
||||||
|
|
||||||
- `awx.company` is the FQDN of the AWX/Tower install.
|
- `awx.company` is the FQDN of the AWX/Tower install.
|
||||||
- `passbook.company` is the FQDN of the passbook install.
|
- `passbook.company` is the FQDN of the passbook install.
|
||||||
|
|
||||||
Create an application in passbook and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
Create an application in passbook and note the slug, as this will be used later. Create a SAML provider with the following parameters:
|
||||||
|
|
||||||
- ACS URL: `https://awx.company/sso/complete/saml/`
|
- ACS URL: `https://awx.company/sso/complete/saml/`
|
||||||
- Audience: `awx`
|
- Audience: `awx`
|
||||||
- Issuer: `https://awx.company/sso/metadata/saml/`
|
- Service Provider Binding: Post
|
||||||
|
- Issuer: `https://awx.company/sso/metadata/saml/`
|
||||||
|
|
||||||
You can of course use a custom signing certificate, and adjust durations.
|
You can of course use a custom signing certificate, and adjust durations.
|
||||||
|
|
||||||
|
|
Reference in New Issue