This patch is adding the OIDC scopes needed for pagure.io APIs.
This is needed for https://pagure.io/fedora-infrastructure/issue/6751
--- roles/ipsilon/files/oidc_scopes/pagure.py | 86 +++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 roles/ipsilon/files/oidc_scopes/pagure.py
diff --git a/roles/ipsilon/files/oidc_scopes/pagure.py b/roles/ipsilon/files/oidc_scopes/pagure.py new file mode 100644 index 000000000..6fd70e202 --- /dev/null +++ b/roles/ipsilon/files/oidc_scopes/pagure.py @@ -0,0 +1,86 @@ +from __future__ import absolute_import + +from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase + + +class OpenidCExtension(OpenidCExtensionBase): + name = 'pagure' + display_name = 'Pagure.io' + scopes = { + 'https://pagure.io/oidc/pull_request_merge': { + 'display_name': 'Permission to merge a pull-request', + 'claims': [], + }, + 'https://pagure.io/oidc/pull_request_close': { + 'display_name': 'Permission to close a pull-request', + 'claims': [], + }, + 'https://pagure.io/oidc/pull_request_comment': { + 'display_name': 'Permission to comment a pull-request', + 'claims': [], + }, + 'https://pagure.io/oidc/pull_request_flag': { + 'display_name': 'Permission to flag a pull-request with a CI status', + 'claims': [], + }, + 'https://pagure.io/oidc/pull_request_subscribe': { + 'display_name': 'Permission to subscribe a user to a pull-request', + 'claims': [], + }, + 'https://pagure.io/oidc/pull_request_create': { + 'display_name': 'Permission to create a pull-request', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_create': { + 'display_name': 'Permission to create an issue', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_update': { + 'display_name': 'Permission to update an issue', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_change_status': { + 'display_name': 'Permission to change the status of an issue', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_update_milestone': { + 'display_name': 'Permission to update the milestone of an issue', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_comment': { + 'display_name': 'Permission to comment on an issue', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_assign': { + 'display_name': 'Permission to assign an issue to a user', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_subscribe': { + 'display_name': 'Permission to subscribe a user to an issue', + 'claims': [], + }, + 'https://pagure.io/oidc/issue_update_custom_fields': { + 'display_name': 'Permission to update an issue custom fields', + 'claims': [], + }, + 'https://pagure.io/oidc/create_project': { + 'display_name': 'Permission to create a project', + 'claims': [], + }, + 'https://pagure.io/oidc/modify_project': { + 'display_name': 'Permission to modify a project', + 'claims': [], + }, + 'https://pagure.io/oidc/fork_project': { + 'display_name': 'Permission to fork a project', + 'claims': [], + }, + 'https://pagure.io/oidc/generate_acls_project': { + 'display_name': 'Permission to generate the gitolite ACLs of a project', + 'claims': [], + }, + 'https://pagure.io/oidc/commit_flag': { + 'display_name': 'Permission to flag a commit with a CI results', + 'claims': [], + }, + } --
On Fri, Mar 30, 2018 at 11:02:11AM +0200, Clement Verna wrote:
This patch is adding the OIDC scopes needed for pagure.io APIs.
This is needed for https://pagure.io/fedora-infrastructure/issue/6751
+1 if Patrick is also ok with it.
Pierre
Hum, is this ready to go into production? Since if you're just importing it into ansible, but not deploying to prod, you don't need an FBR.
On Fri, Mar 30, 2018 at 11:41 AM, Pierre-Yves Chibon pingou@pingoured.fr wrote:
On Fri, Mar 30, 2018 at 11:02:11AM +0200, Clement Verna wrote:
This patch is adding the OIDC scopes needed for pagure.io APIs.
This is needed for https://pagure.io/fedora-infrastructure/issue/6751
+1 if Patrick is also ok with it.
Pierre
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
I was not sure if I needed a FBR, but I preferred to be safe than sorry :)
On 30 March 2018 at 17:39, Patrick Uiterwijk puiterwijk@redhat.com wrote:
Hum, is this ready to go into production? Since if you're just importing it into ansible, but not deploying to prod, you don't need an FBR.
On Fri, Mar 30, 2018 at 11:41 AM, Pierre-Yves Chibon pingou@pingoured.fr wrote:
On Fri, Mar 30, 2018 at 11:02:11AM +0200, Clement Verna wrote:
This patch is adding the OIDC scopes needed for pagure.io APIs.
This is needed for https://pagure.io/fedora-infrastructure/issue/6751
+1 if Patrick is also ok with it.
Pierre
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
If it does not modify any production servers, you do not need an FBR.
On Fri, Mar 30, 2018 at 7:59 PM, Clement Verna cverna@fedoraproject.org wrote:
I was not sure if I needed a FBR, but I preferred to be safe than sorry :)
On 30 March 2018 at 17:39, Patrick Uiterwijk puiterwijk@redhat.com wrote:
Hum, is this ready to go into production? Since if you're just importing it into ansible, but not deploying to prod, you don't need an FBR.
On Fri, Mar 30, 2018 at 11:41 AM, Pierre-Yves Chibon pingou@pingoured.fr wrote:
On Fri, Mar 30, 2018 at 11:02:11AM +0200, Clement Verna wrote:
This patch is adding the OIDC scopes needed for pagure.io APIs.
This is needed for https://pagure.io/fedora-infrastructure/issue/6751
+1 if Patrick is also ok with it.
Pierre
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
infrastructure@lists.fedoraproject.org