19474fb62f
Add an "authorize_user" RPC call allowing to test a set of claims against the rules of a given tenant. Make zuul-web use this call to authorize access to tenant-scoped privileged actions. Change-Id: I50575f25b6db06f56b231bb47f8ad675febb9d82
32 lines
518 B
Plaintext
32 lines
518 B
Plaintext
[gearman]
|
|
server=127.0.0.1
|
|
|
|
[scheduler]
|
|
tenant_config=main.yaml
|
|
relative_priority=true
|
|
|
|
[merger]
|
|
git_dir=/tmp/zuul-test/merger-git
|
|
git_user_email=zuul@example.com
|
|
git_user_name=zuul
|
|
|
|
[executor]
|
|
git_dir=/tmp/zuul-test/executor-git
|
|
|
|
[connection gerrit]
|
|
driver=gerrit
|
|
server=review.example.com
|
|
user=jenkins
|
|
sshkey=fake_id_rsa_path
|
|
|
|
[web]
|
|
static_cache_expiry=1200
|
|
|
|
[auth zuul_operator]
|
|
driver=HS256
|
|
allow_authz_override=false
|
|
realm=zuul.example.com
|
|
client_id=zuul.example.com
|
|
issuer_id=zuul_operator
|
|
secret=NoDanaOnlyZuul
|