Skip to content

keycloak: Add web origins to swh-web client in staging realm

It enables CORS between Software Heritage web applications (GraphiQL client for instance) and Keycloak server when using the swh-web client.

octo-diff kelvingrove
(swh) ✔ ~/swh/puppet-environment [master|✔]
11:11 $ ./bin/octocatalog-diff --to staging kelvingrove.internal.softwareheritage.org
Found host kelvingrove.internal.softwareheritage.org
Cloning into '/tmp/swh-ocd.ZRvdgWg4/environments/production/data/private'...
done.
Cloning into '/tmp/swh-ocd.ZRvdgWg4/environments/staging/data/private'...
done.
*** Running octocatalog-diff on host kelvingrove.internal.softwareheritage.org
I, [2023-03-15T11:12:02.285259 #1652235]  INFO -- : Catalogs compiled for kelvingrove.internal.softwareheritage.org
I, [2023-03-15T11:12:02.685991 #1652235]  INFO -- : Diffs computed for kelvingrove.internal.softwareheritage.org
diff origin/production/kelvingrove.internal.softwareheritage.org current/kelvingrove.internal.softwareheritage.org
*******************************************
  Keycloak_client[swh-web on SoftwareHeritageStaging] =>
   parameters =>
     web_origins =>
      + ["https://webapp.staging.swh.network", "https://webapp.internal.staging.swh.network"]
*******************************************
*** End octocatalog-diff on kelvingrove.internal.softwareheritage.org

cc @teams/sysadmin

Related to swh/devel/swh-graphql#4652, swh/devel/swh-graphql!128 (merged)

On a related note, would it be an issue to also add development server URLs (http://localhost:5004, http://localhost:5013) as redirect_uris and web_origins for the client in the staging realm to ease authentication testing ?

Edited by Antoine R. Dumont

Merge request reports

Loading