1d962ee6fc
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
This commit introduces the OpenSslLegacyShim class, which sets the LD_LIBRARY_PATH environment variable to include the directory containing OpenSSL 1.1 native libraries. This is necessary for Mongo2Go to function correctly on Linux platforms that do not ship these libraries by default. The shim checks if the current operating system is Linux and whether the required directory exists before modifying the environment variable.
55 lines
2.0 KiB
Markdown
55 lines
2.0 KiB
Markdown
# CLI Task Pack SSO Profiles
|
|
|
|
Task Pack workflows rely on purpose-scoped Authority clients. To streamline local logins and CI/CD automation, define StellaOps CLI profiles under `~/.stellaops/profiles` so `stella auth login` automatically requests the correct scopes.
|
|
|
|
Profiles are simple YAML files that map onto the CLI configuration schema. Set `STELLA_PROFILE=<name>` (or pass `--profile <name>` once the CLI exposes the switch) before invoking `stella` to load the profile.
|
|
|
|
## Example profiles
|
|
|
|
### Packs operator (`~/.stellaops/profiles/packs-operator.yaml`)
|
|
|
|
```yaml
|
|
StellaOps:
|
|
Authority:
|
|
Url: https://authority.example.com
|
|
ClientId: pack-operator
|
|
ClientSecretFile: ~/.stellaops/secrets/pack-operator.secret
|
|
Scope: "packs.read packs.run"
|
|
TokenCacheDirectory: ~/.stellaops/tokens
|
|
BackendUrl: https://task-runner.example.com
|
|
```
|
|
|
|
### Packs publisher (`~/.stellaops/profiles/packs-publisher.yaml`)
|
|
|
|
```yaml
|
|
StellaOps:
|
|
Authority:
|
|
Url: https://authority.example.com
|
|
ClientId: packs-registry
|
|
ClientSecretFile: ~/.stellaops/secrets/packs-registry.secret
|
|
Scope: "packs.read packs.write"
|
|
TokenCacheDirectory: ~/.stellaops/tokens
|
|
BackendUrl: https://packs-registry.example.com
|
|
```
|
|
|
|
### Packs approver (`~/.stellaops/profiles/packs-approver.yaml`)
|
|
|
|
```yaml
|
|
StellaOps:
|
|
Authority:
|
|
Url: https://authority.example.com
|
|
ClientId: pack-approver
|
|
ClientSecretFile: ~/.stellaops/secrets/pack-approver.secret
|
|
Scope: "packs.read packs.approve"
|
|
TokenCacheDirectory: ~/.stellaops/tokens
|
|
BackendUrl: https://task-runner.example.com
|
|
```
|
|
|
|
## Usage
|
|
|
|
1. Create the profile file under `~/.stellaops/profiles/<name>.yaml`.
|
|
2. Store the matching client secret in the referenced path (or set `ClientSecret` for development).
|
|
3. Export `STELLA_PROFILE=<name>` before running `stella auth login` or individual pack commands.
|
|
|
|
The CLI reads the profile, applies the Authority configuration, and requests the listed scopes so the resulting tokens satisfy Task Runner and Packs Registry expectations.
|