我刚刚在AWS-Openshift环境中使用Docker文件部署了JFrog Artifactory。
我需要将Artifactory与OpenShift OAuth服务集成。
有人可以指导我如何继续吗?
我可以从下面的/ document中查看这些选项。
OAuth集成设置,在Admin模块中,选择Security | OAuth SSO。
我使用上面的配置并收到错误 -
{"error":"unsupported_grant_type","error_description":"The authorization grant type is not supported by the authorization server."}
=============================================== ======================
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "User \"system:anonymous\" cannot list all users in the cluster",
"reason": "Forbidden",
"details": {
"kind": "users"
},
"code": 403
}
FROM rhel7:latest
MAINTAINER Naveen Kumar 06 <naveen.sr@tech.com>
RUN set -x \
&& yum -y install tar unzip \
&& yum -y update \
&& yum -y clean all
#java
ENV JAVA_HOME /opt/java
ENV JAVA_VERSION_MAJOR 8
ENV JAVA_VERSION_MINOR 102
ENV JAVA_VERSION_BUILD 14
RUN mkdir -p /opt \
&& curl --fail --silent --location --retry 3 \
--header "Cookie: oraclelicense=accept-securebackup-cookie; " \
http://download.oracle.com/otn-pub/java/jdk/${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-b${JAVA_VERSION_BUILD}/server-jre-${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-linux-x64.tar.gz \
| gunzip \
| tar -x -C /opt \
&& ln -s /opt/jdk1.${JAVA_VERSION_MAJOR}.0_${JAVA_VERSION_MINOR} ${JAVA_HOME}
#jfrog-artifactory-pro-4.12.1.zip
#https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/4.12.1/jfrog-artifactory-pro-4.12.1.zip
ENV ARTIFACTORY_VERSION 4.12.1
ENV ARTIFACTORY_HOME /artifactory-pro-${ARTIFACTORY_VERSION}
#ADD http://dl.bintray.com/content/jfrog/artifactory/jfrog-artifactory-pro-${ARTIFACTORY_VERSION}.zip?direct artifactory.zip
ADD https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/4.12.1/jfrog-artifactory-pro-4.12.1.zip artifactory.zip
RUN unzip artifactory.zip
RUN sed -i -e 's/Xmx2g/Xmx512m/g' artifactory-*/bin/artifactory.default
#artifactory-oss-4.12.1/tomcat/webapps/
RUN chmod +x /artifactory-pro-${ARTIFACTORY_VERSION}/bin/artifactory.sh
# Expose the default endpoint
EXPOSE 8081
WORKDIR /artifactory-oss-${ARTIFACTORY_VERSION}
RUN chmod -R 777 /artifactory-pro-4.12.1/
# Run the embedded tomcat container
ENTRYPOINT /artifactory-pro-${ARTIFACTORY_VERSION}/bin/artifactory.sh
此致 纳温
答案 0 :(得分:0)
我们的问题是OpenShift身份验证不提供id_token。这就是你的问题的原因。我们编写了一个代理,以便从OpenShift OAuth向Artifactory提供它所期待的答案。
请注意,Artifactory使用java.net.HttpURLConnection连接到OpenID提供程序和Apache HTTP Client。该类从系统属性中读取典型的代理设置
"https.proxyHost"
"https.proxyPort"
"https.proxyUser"
"https.proxyPassword"
要在Artifactory中设置它们,请编辑/ artifactory-home / bin
中的artifactory.batset JAVA_OPTIONS=-server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC -Dhttps.proxyHost=myProxyHost -Dhttps.proxyPort=myProxyPort -Dhttps.proxyUser=myProxyUser -Dhttps.proxyPassword=XXXX