Enhance README.md

Fix code blocks indentation and add syntax highlighting

Change-Id: Ib6a0672ad961e567bf586e7569f64b8b37533845
Claudio Pisa 2020-02-19 16:32:17 +01:00
parent 5ec1bc10f9
commit 3bab1d79f0
1 changed files with 70 additions and 64 deletions

@ -37,7 +37,7 @@ Use this charm with the Keystone charm, running with preferred-api-version=3:
In a bundle:
```
```yaml
applications:
# ...
keystone-saml-mellon:
@ -136,13 +136,13 @@ The XML must be generated by your idP rather than
attempting to create this document on your own.
Generate a certificate key pair for keystone as a Service Provider (SP). See
openssl document ion on how to. This certificate key pair will not be validated
openssl documentation on how to. This certificate key pair will not be validated
so it may or may not be signed by your certificate authority.
The key PEM file is the resource file for sp-private-key.pem. The certificate
The key PEM file is the resource file for `sp-private-key.pem`. The certificate
PEM data will be placed in an XML document and will become the
sp-signing-keyinfo.xml resource file.
`sp-signing-keyinfo.xml` resource file.
```
```xml
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
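Review bot: The corrected sentence "See openssl documentation on how to." still ends without an object; since the line is being touched, finish it (for example "on how to generate one"). The next sentence says the key pair "will not be validated" without saying by which party, and a reader deciding whether a self-signed SP certificate is acceptable needs that stated. The spelling "idP" in the hunk header context is also worth normalising in the same pass.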
@ -158,7 +158,7 @@ sp-signing-keyinfo.xml resource file.
```
Set the protocol. This must match the protocol used in the post-deployment
configuration steps. We recommend the protocol "mapped."
configuration steps. We recommend the protocol "mapped".
juju config keystone-saml-mellon protocol-name=mapped
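Review bot: The `juju config keystone-saml-mellon protocol-name=mapped` line after the corrected sentence has no fence visible in this hunk, while the commit message promises syntax highlighting and the YAML, XML and shell blocks elsewhere get a tagged fence. If the juju commands are meant to stay as indented blocks, say so in the commit message; otherwise fence them with `bash` here and in the two following hunks for consistency.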
@ -171,7 +171,7 @@ generated in the keystone database will use this NameID as the uid.
If proxies are invoked at any point between the idP and keystone as SP set
subject-confirmation-data-address-check to false.
juju config keystone-saml-mellon subject-confirmation-data-address-check=False
juju config keystone-saml-mellon subject-confirmation-data-address-check=false
Attach resources
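Review bot: The sentence above the changed `subject-confirmation-data-address-check=false` line tells operators to switch the check off when proxies are involved but never says what the check does. Going by the option name it concerns the address carried in the assertion's SubjectConfirmationData, so add one sentence stating what is compared and that setting it to false removes that comparison. Please also confirm the charm accepts lowercase `false` as it did `False`, since the value is the only functional change in this hunk.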
@ -179,7 +179,7 @@ Attach resources
Get keystones SP metadata XML and exchange it with your idP
juju run-action keystone-saml-mellon/0 get-sp-metadata
juju run-action keystone-saml-mellon/0 get-sp-metadata --wait
# Post-deployment Configuration
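Review bot: The context line "Get keystones SP metadata XML and exchange it with your idP" directly above the changed command still lacks the apostrophe ("keystone's"), and this commit fixes similar typos elsewhere. With `--wait` added, it would also help to say that the metadata XML is returned in the action output, so the reader knows where to copy it from.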
@ -209,21 +209,21 @@ following is a simple example. Constraints can be added on the remote side. For
example group membership.
See [mapping documentation](https://docs.openstack.org/keystone/latest/admin/federation/mapping_combinations.html) upstream.
```
openstack domain create federated_domain
openstack group create federated_users --domain federated_domain
# Get the federated_users group id and assign the role Member
GROUP_ID=$(openstack group show federated_users --domain federated_domain | grep -v domain_id | grep id |awk '{print $4}')
openstack role add --group ${GROUP_ID} --domain federated_domain Member
```bash
openstack domain create federated_domain
openstack group create federated_users --domain federated_domain
# Get the federated_users group id and assign the role Member
GROUP_ID=$(openstack group show federated_users --domain federated_domain | grep -v domain_id | grep id |awk '{print $4}')
openstack role add --group ${GROUP_ID} --domain federated_domain Member
# Use the URL for your idP's metadata for remote-id. The name can be
# arbitrary.
openstack identity provider create --remote-id https://samltest.id/saml/idp --domain federated_domain samltest
# Use the URL for your idP's metadata for remote-id. The name can be
# arbitrary.
openstack identity provider create --remote-id https://samltest.id/saml/idp --domain federated_domain samltest
# Get the federated_domain id and add it to the rules.json map
DOMAIN_ID=$(openstack domain show federated_domain |grep id |awk '{print $4}')
cat > rules.json <<EOF
[{
# Get the federated_domain id and add it to the rules.json map
DOMAIN_ID=$(openstack domain show federated_domain |grep id |awk '{print $4}')
cat > rules.json <<EOF
[{
"local": [
{
"user": {
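Review bot: The `GROUP_ID=` and `DOMAIN_ID=` lines are carried over unchanged apart from indentation and still scrape the table output with `grep id | awk '{print $4}'`, which breaks as soon as another row contains "id" (the first one already needs `grep -v domain_id`). Since the block is being rewritten, use the client's own formatter, for example `openstack group show federated_users --domain federated_domain -f value -c id`, and quote the expansion in `openstack role add --group "${GROUP_ID}"`.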
@ -252,23 +252,29 @@ See [mapping documentation](https://docs.openstack.org/keystone/latest/admin/fed
"type": "MELLON_NAME_ID"
}
]
}]
EOF
}]
EOF
# Use the rules.json created above.
openstack mapping create --rules rules.json samltest_mapping
# The name should be mapped or saml here and must match the configuration
# setting protocol-name. We recommend using "mapped"
openstack federation protocol create mapped --mapping samltest_mapping --identity-provider samltest
# list related projects
openstack federation project list
# Note and auto generated domain has been created. This is where auto
# generated users and projects will be created.
openstack domain list
# Use the rules.json created above.
openstack mapping create --rules rules.json samltest_mapping
# The name should be mapped or saml here and must match the configuration
# setting protocol-name. We recommend using "mapped"
openstack federation protocol create mapped --mapping samltest_mapping --identity-provider samltest
# list related projects
openstack federation project list
# Note and auto generated domain has been created. This is where auto
# generated users and projects will be created.
openstack domain list
```
# Bugs
Please report bugs on [Launchpad](https://bugs.launchpad.net/charm-keystone-saml-mellon/+filebug).
Please report bugs on [Launchpad][lp-bugs-charm-keystone-saml-mellon].
For general questions please refer to the OpenStack [Charm Guide](https://docs.openstack.org/charm-guide/latest/).
For general charm questions refer to the [OpenStack Charm Guide][cg].
<!-- LINKS -->
[cg]: https://docs.openstack.org/charm-guide
[cdg]: https://docs.openstack.org/project-deploy-guide/charm-deployment-guide
[lp-bugs-charm-keystone-saml-mellon]: https://bugs.launchpad.net/charm-keystone-saml-mellon/+filebug
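Review bot: The comment "# Note and auto generated domain has been created." is re-indented but keeps the typo ("and" for "an"), which is worth fixing in a commit that corrects other wording. In the new LINKS section, `[cdg]` is defined but nothing in the visible lines references it; drop it or add the reference. The `[cg]` target also loses the `/latest/` path that the old inline link had, so check that the shortened URL still resolves to the intended page.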