Configure OIDC, make idempotent, fix bugs. Claude.ai

2026-02-25 13:20:12 -05:00
parent 995b7c4070
commit d981b69669
23 changed files with 2269 additions and 760 deletions
--- a/roles/sno_deploy/vars/main.yml
+++ b/roles/sno_deploy/vars/main.yml
@@ -0,0 +1,13 @@
+---
+# Computed internal variables - do not override
+__sno_deploy_oc: "{{ oc_binary | default('oc') }}"
+__sno_deploy_kubeconfig: "{{ sno_install_dir }}/auth/kubeconfig"
+__sno_deploy_oidc_secret_name: "{{ oidc_provider_name | lower }}"
+__sno_deploy_oidc_ca_configmap_name: "{{ oidc_provider_name }}-oidc-ca-bundle"
+__sno_deploy_oidc_redirect_uri: "https://oauth-openshift.apps.{{ ocp_cluster_name }}.{{ ocp_base_domain }}/oauth2callback/{{ oidc_provider_name }}"
+__sno_deploy_oidc_issuer: "{{ keycloak_url }}{{ keycloak_context }}/realms/{{ keycloak_realm }}"
+__sno_deploy_api_hostname: "api.{{ ocp_cluster_name }}.{{ ocp_base_domain }}"
+__sno_deploy_apps_wildcard: "*.apps.{{ ocp_cluster_name }}.{{ ocp_base_domain }}"
+__sno_deploy_letsencrypt_server_url: >-
+  {{ sno_deploy_letsencrypt_use_staging | bool |
+     ternary(sno_deploy_letsencrypt_staging_server, sno_deploy_letsencrypt_server) }}