
dependency-track Azure OpenId configuration #153

Closed
iamrahul127 opened this issue Mar 21, 2022 · 11 comments
Labels: question, stale

Comments


iamrahul127 commented Mar 21, 2022

Dear Team, thank you for the excellent work. Let me apologize for using the bug template, but I don't see any template which can be used for asking a question.
I am trying to integrate dependency-track with Azure OpenId and am not sure how to do that, as there is no single consolidated documentation available. I looked into multiple sources and got confused, to be honest. Following are my findings and, maybe, lots of questions :).

  1. Default values.yaml

      frontend:
        enabled: true
        replicaCount: 2
        image:
          repository: dependencytrack/frontend
          tag: 4.4.0
          pullPolicy: IfNotPresent
        configmap:
          config: |
            {
                "API_BASE_URL": "",
                "OIDC_ISSUER": "",
                "OIDC_CLIENT_ID": "",
                "OIDC_SCOPE": "openid profile email",
                "OIDC_FLOW": ""
            }
        env:
          - name: API_BASE_URL
            value: ""

  2. Is it possible to configure the OpenId integration using the config map shown above? Do we need to refer to https://docs.dependencytrack.org/getting-started/configuration/?
  3. Do we need to set API_BASE_URL? I am using an nginx proxy, so I am not providing any.
  4. Then, to get additional help, I googled and came across "How to setup OIDC with Azure AD?" DependencyTrack/dependency-track#1104 (reply in thread).
    This has added more confusion, as it has more environment variables for the apiserver & frontend server.

What I am looking for is concrete steps which enable me to configure the integration. I promise to update the documentation with the exact steps and create the PR for you. You can directly reach out to me at Tietoevry.

Regards
Rahul Mahulkar

@davidkarlsen
Collaborator

davidkarlsen added the question label Mar 21, 2022
@iamrahul127
Author

Done.

@davidkarlsen
Collaborator

davidkarlsen commented Mar 21, 2022

Try this config:

    frontend:
      replicaCount: 1
      env:
      - name: OIDC_ISSUER
        value: "https://login.microsoftonline.com/<TENANTID>/v2.0"
      - name: OIDC_CLIENT_ID
        value: <theClientId>
      - name: OIDC_SCOPE
        value: "openid profile email"
    apiserver:
      env:
      - name: ALPINE_OIDC_CLIENT_ID
        value: <theClientId>
      - name: ALPINE_OIDC_ENABLED
        value: "true"
      - name: ALPINE_OIDC_ISSUER
        value: "https://login.microsoftonline.com/<TENANTID>/v2.0"
      - name: ALPINE_OIDC_USERNAME_CLAIM
        value: email
      - name: ALPINE_OIDC_USER_PROVISIONING
        value: "true"
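
The config above sets the issuer and client ID twice, once under `frontend` and once under `apiserver`. The following check is an added example, not part of the thread or of the chart: it takes the parsed values and reports unreplaced placeholders, missing settings, and frontend/apiserver disagreement. The function names, the sample dictionary and the GUIDs in it are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample: Helm values after YAML parsing. The tenant and client
# GUIDs are made up; the apiserver issuer still holds the page's placeholder.
ISSUER = "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555/v2.0"
CLIENT = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
SAMPLE_VALUES = {
    "frontend": {"env": [
        {"name": "OIDC_ISSUER", "value": ISSUER},
        {"name": "OIDC_CLIENT_ID", "value": CLIENT},
        {"name": "OIDC_SCOPE", "value": "openid profile email"},
    ]},
    "apiserver": {"env": [
        {"name": "ALPINE_OIDC_CLIENT_ID", "value": CLIENT},
        {"name": "ALPINE_OIDC_ENABLED", "value": "true"},
        {"name": "ALPINE_OIDC_ISSUER",
         "value": "https://login.microsoftonline.com/<TENANTID>/v2.0"},
        {"name": "ALPINE_OIDC_USERNAME_CLAIM", "value": "email"},
        {"name": "ALPINE_OIDC_USER_PROVISIONING", "value": "true"},
    ]},
}

def env_map(values, component):
    """Flatten a component's env list into a {name: value} dict."""
    env = (values.get(component) or {}).get("env") or []
    return {e["name"]: str(e.get("value", "")) for e in env}

def check_oidc_values(values):
    """Return findings; an empty list means frontend and apiserver agree."""
    fe, api = env_map(values, "frontend"), env_map(values, "apiserver")
    findings = []
    for fe_key, api_key in (("OIDC_ISSUER", "ALPINE_OIDC_ISSUER"),
                            ("OIDC_CLIENT_ID", "ALPINE_OIDC_CLIENT_ID")):
        pair = ((fe_key, fe.get(fe_key, "")), (api_key, api.get(api_key, "")))
        for key, val in pair:
            if not val:
                findings.append(f"missing: {key}")
            elif "<" in val or ">" in val:
                findings.append(f"placeholder left in {key}")
            elif key.endswith("ISSUER") and urlparse(val).scheme != "https":
                findings.append(f"non-HTTPS issuer in {key}")
        # Issuer strings are compared exactly, so no normalisation here.
        if pair[0][1] and pair[1][1] and pair[0][1] != pair[1][1]:
            findings.append(f"mismatch: {fe_key} != {api_key}")
    if api.get("ALPINE_OIDC_ENABLED", "").lower() != "true":
        findings.append("ALPINE_OIDC_ENABLED is not \"true\"")
    if "openid" not in fe.get("OIDC_SCOPE", "").split():
        findings.append("OIDC_SCOPE lacks the openid scope")
    return findings
```

On the constructed sample, `check_oidc_values(SAMPLE_VALUES)` reports the leftover `<TENANTID>` placeholder and the resulting issuer mismatch.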

@iamrahul127
Author

It worked perfectly. Thank you. Following are the other changes I did.

  1. In the Azure portal:
    App Registrations -> -> Authentication -> Registered "https://dependencytrack.somedomain.com/static/oidc-callback.html" as Redirect URI. Initially, I registered the redirect URI for 'Web', which was wrong.
  2. I added the "OIDC_LOGIN_BUTTON_TEXT" env variable under frontend to customize the "OpenID" button text.

I see an opportunity for updating values.yaml and the readme here. I will be happy to create a PR. Shall I create one?

@davidkarlsen
Collaborator

> It worked perfectly. Thank you. Following are the other changes I did.
>
>   1. In the Azure portal:
>     App Registrations -> -> Authentication -> Registered "dependencytrack.somedomain.com/static/oidc-callback.html" as Redirect URI. Initially, I registered the redirect URI for 'Web', which was wrong.
>   2. I added the "OIDC_LOGIN_BUTTON_TEXT" env variable under frontend to customize the "OpenID" button text.
>
> I see an opportunity for updating values.yaml and the readme here. I will be happy to create a PR. Shall I create one?

Sure, document it in an "OIDC" section in the readme, and commented out values in the values.yaml

@davidkarlsen
Collaborator

@iamrahul127 bump

@iamrahul127
Author

Will create the PR this week. It is on my task list, but I was quite busy last week.

@iamrahul127
Author

> Sure, document it in an "OIDC" section in the readme,

I see that charts\dependency-track\README.md is autogenerated using helm-doc. Shall I add an OIDC section in this README.md file?

@iamrahul127
Author

@davidkarlsen Please let me know which readme to update.

@davidkarlsen
Collaborator

ah, just add a new file OIDC.md

@davidkarlsen
Collaborator

stale

davidkarlsen closed this as not planned Oct 24, 2022