diff --git a/cubicweb_rodolf/__pkginfo__.py b/cubicweb_rodolf/__pkginfo__.py
index c721fa8511f627b5905b10924983566d3243e1f6_Y3ViaWN3ZWJfcm9kb2xmL19fcGtnaW5mb19fLnB5..c318766e291a533fbe8edd4d0842208a5a7e5c26_Y3ViaWN3ZWJfcm9kb2xmL19fcGtnaW5mb19fLnB5 100644
--- a/cubicweb_rodolf/__pkginfo__.py
+++ b/cubicweb_rodolf/__pkginfo__.py
@@ -3,7 +3,7 @@
modname = "cubicweb_rodolf"
distname = "cubicweb-rodolf"
-numversion = (0, 1, 1)
+numversion = (0, 2, 0)
version = ".".join(str(num) for num in numversion)
license = "LGPL"
@@ -16,6 +16,7 @@
"cubicweb[postgresql]": ">= 4.6.3,< 5.0.0",
"cubicweb-api": ">= 0.14.0,< 0.15.0",
"cubicweb-file": ">= 4.1.0, < 5.0.0",
+ "cubicweb-oauth2": None,
"rql": ">= 0.43.2, < 1.0.0",
"cubicweb-rq": None,
"cubicweb-s3storage": None,
diff --git a/cubicweb_rodolf/migration/0.2.0_Any.py b/cubicweb_rodolf/migration/0.2.0_Any.py
new file mode 100644
index 0000000000000000000000000000000000000000..c318766e291a533fbe8edd4d0842208a5a7e5c26_Y3ViaWN3ZWJfcm9kb2xmL21pZ3JhdGlvbi8wLjIuMF9BbnkucHk=
--- /dev/null
+++ b/cubicweb_rodolf/migration/0.2.0_Any.py
@@ -0,0 +1,1 @@
+add_cube("oauth2")
diff --git a/deploy/prod_secrets.yaml b/deploy/prod_secrets.yaml
index c721fa8511f627b5905b10924983566d3243e1f6_ZGVwbG95L3Byb2Rfc2VjcmV0cy55YW1s..c318766e291a533fbe8edd4d0842208a5a7e5c26_ZGVwbG95L3Byb2Rfc2VjcmV0cy55YW1s 100644
--- a/deploy/prod_secrets.yaml
+++ b/deploy/prod_secrets.yaml
@@ -3,9 +3,10 @@
redisSessionsSecret: ENC[AES256_GCM,data:06HgZOWPj+IukWSw39jBIA==,iv:phE0bAAxQFF1jluls9bmdcjJFxA0yN7V3j5hRJhe+8Q=,tag:6IXJCNg/SPTjBxSim6U3eg==,type:str]
s3AccessKeyId: ENC[AES256_GCM,data:dzDyGZGhu/sb4aemkc6b2E7T388=,iv:4nDNIGSOROJz7l1JIZW8GQF78HuGq0GDKp++17l6gkM=,tag:pSd5hEFnDnUmldOijZOC8w==,type:str]
s3AccessKeySecret: ENC[AES256_GCM,data:l2a70R1JmTSWDlS+AZD5fg6N2KDSgYRuTHv/tZsPwDbIzCD33VQMEw==,iv:4sFp48HmPspjGDLc1LYp2tCVEI1DrspAS8p/1qe+RMg=,tag:+8F2glqxZf2FBnJZrwGc5Q==,type:str]
+oauth2ClientSecret: ENC[AES256_GCM,data:2b5QPDGF9eB78LQGD9FqBZ48xnqwWtZa1pzSsD0DGAs=,iv:tl66M+7eBZR4+SP17QxkSJP4zGFi00L5+8bHvNoMxgQ=,tag:fKVqbr+HiQ4mBftUAxEvYQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
@@ -6,11 +7,11 @@
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
- lastmodified: "2024-03-20T14:25:04Z"
- mac: ENC[AES256_GCM,data:6WdkS2+wQiv3QefobLtU6xyg4y1znWWpbxdt7E9RRo4/IL240SpXBjGe3cIxW/qlSBIhPv8xZEYVNLeUNjVoKJmbKakOmIiG2weiqiKOMGVQKhbhYCl/BEwlYkKbtgdfTWcz1DyjlnAAvOnU3r/nRuWtvx2zWX4QLWWqvkQMVw0=,iv:Ku7HnM/gT0i//pgzY2jrP2/wh0e/lhzSsvCas27v2t4=,tag:cbsmcKlkLUORvuzsnAdFDQ==,type:str]
+ lastmodified: "2024-03-28T10:44:46Z"
+ mac: ENC[AES256_GCM,data:xdhd+SDWwyNGfWszbySTXMEdMR7iI4aks3N3jt3wpVADJyjIGH9d3AC2G56qwogoxCWaj/O1W6Szy4jiafDZJ+geYxCpnYslC23AFQaC9SPElPLmnOpD21lodVRYegoT0Y8SmVqPNjrYolZd79sPSr2aStYL2ZTzafbPcDT+pKA=,iv:sNc8HgfaBZj1qHmAZGdv4Fwv3wvCosLZPlULRjO3jHg=,tag:m7i8qSdIElZAmLI77/TbDw==,type:str]
pgp:
- created_at: "2024-02-06T15:50:27Z"
enc: |-
diff --git a/deploy/values.yaml.gotmpl b/deploy/values.yaml.gotmpl
index c721fa8511f627b5905b10924983566d3243e1f6_ZGVwbG95L3ZhbHVlcy55YW1sLmdvdG1wbA==..c318766e291a533fbe8edd4d0842208a5a7e5c26_ZGVwbG95L3ZhbHVlcy55YW1sLmdvdG1wbA== 100644
--- a/deploy/values.yaml.gotmpl
+++ b/deploy/values.yaml.gotmpl
@@ -35,6 +35,10 @@
CW_DB_USER: rodolf
PYRAMID_API_ENABLE_LOGIN_ROUTE: "yes"
RODOLF_S3_BUCKET: rodolf
+ CW_OAUTH2_FORCE_LOGIN=yes
+ CW_OAUTH2_CLIENT_ID=rodolf-api.k.intra.logilab.fr
+ CW_OAUTH2_ENABLED=yes
+ CW_OAUTH2_SERVER_URL=https://auth.logilab.fr/auth/realms/logilab
secretEnv:
AWS_ACCESS_KEY_ID: {{ .StateValues.s3AccessKeyId }}
@@ -42,6 +46,7 @@
CW_PASSWORD: {{ .StateValues.cwPassword }}
CW_DB_PASSWORD: {{ .StateValues.cwDbPassword }}
REDIS_SESSIONS_SECRET: {{ .StateValues.redisSessionsSecret }}
+ CW_OAUTH2_CLIENT_SECRET: {{ .StateValues.oauth2ClientSecret }}
web-app:
host: {{ .StateValues.frontHost }}