Commit 9a95317

UI_LOAD_USER
Signed-off-by: desmax74 <mdessi@redhat.com>
1 parent cbbe8af commit 9a95317

5 files changed

Lines changed: 47 additions & 46 deletions

CHANGELOG.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,10 @@
1-
## [2.2.4] - 2026-04-15
1+
## [2.2.4] - 2026-04-20
22

33
### Release Summary
44
Bug fix Release
55
### Bugfixes
66
- TC-3623 OIDC userinfo call fails for Azure Entra as OIDC
7+
- TC-4108 Add OIDC_LOAD_USER configuration support to server API
78

89
## [2.2.3] - 2026-03-31
910
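Review bot: the added entry on new line 7 names the setting OIDC_LOAD_USER, but the commit title and the Deployment template in this same commit use UI_LOAD_USER, so a reader searching the changelog for the variable they have to set will not find it. Suggest naming the exact variables, for example "TC-4108 Add UI_LOAD_USER configuration support (tpa_single_node_oidc_ui_load_user / TPA_OIDC_UI_LOAD_USER)", and stating that it replaces tpa_single_node_oidc_user_info / TPA_OIDC_USER_INFO.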

roles/tpa_single_node/README.md

Lines changed: 40 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -18,46 +18,46 @@ Deploy the [RHTPA](https://docs.redhat.com/en/documentation/red_hat_trusted_prof
1818
| tpa_single_node_tls_server_key | key path on the controller machine | str | |
1919

2020
### Optional
21-
|Option|Description|Type|Default|
22-
|---|---|---|---|
23-
| tpa_single_node_trustification_image | Trustification image. | str | `registry.redhat.io/rhtpa/rhtpa-trustification-service-rhel9:0bef82c8139cc89ef4840e36ad519ca24bb54f70` |
24-
| tpa_single_node_base_hostname | The user name logging in to the registry to pull images. | str | `trustification` |
25-
| tpa_single_node_certificates_dir | Folder where to place the certificates to deploy on the instance. | str | `certs` |
26-
| tpa_single_node_config_dir | Configuration directory on the instance. | str | `/etc/rhtpa` |
27-
| tpa_single_node_kube_manifest_dir | Configuration directory on the instance containing the manifests. | str | `/etc/rhtpa/manifests` |
28-
| tpa_single_node_namespace | Podman network namespace. | str | `trustification` |
29-
| tpa_single_node_podman_network | Podman network name. | str | `tcnet` |
30-
| tpa_single_node_systemd_directory | Folder where to store the systemd configurations files. | str | `/etc/systemd/system` |
31-
| tpa_single_node_default_empty | Default empty value. | str | |
32-
| tpa_single_node_pg_host | Host ip of the postgresql db instance. Readed from the TPA_PG_HOST env | str | |
33-
| tpa_single_node_pg_port | Port of the postgresql db instance. | str | `5432` |
34-
| tpa_single_node_pg_db | DB name. | str | `trustify` |
35-
| tpa_single_node_pg_admin_db | DB Admin name. | str | `postgres` |
36-
| tpa_single_node_pg_ssl_mode | DB SSL mode require/disable. | str | `require` |
37-
| tpa_single_node_oidc_issuer_url | Readed from TPA_OIDC_ISSUER_URL env var | str | |
38-
| tpa_single_node_oidc_frontend_id | Readed from TPA_OIDC_FRONTEND_ID env var | str | |
39-
| tpa_single_node_oidc_client_id | Readed from TPA_OIDC_CLIENT_ID env var | str | |
40-
| tpa_single_node_oidc_client_secret | Readed from TPA_OIDC_CLIENT_SECRET env var | str | |
41-
| tpa_single_node_oidc_tls_insecure | Readed from TPA_OIDC_TLS_INSECURE env var | str | |
42-
| tpa_single_node_oidc_user_info | Value for OIDC_USER_INFO environment variable. Readed from TPA_OIDC_USER_INFO env var | str | `true` |
43-
| tpa_single_node_oidc_ui_scope | Optional value for UI_SCOPE environment variable. Readed from TPA_OIDC_UI_SCOPE env var | str | |
44-
| tpa_single_node_aws_cognito_domain | Readed from TPA_OIDC_COGNITO_DOMAIN env var | str | |
45-
| tpa_single_node_storage_access_key | Read from 'TPA_STORAGE_ACCESS_KEY' env var | str | |
46-
| tpa_single_node_storage_secret_key | Read from 'TPA_STORAGE_SECRET_KEY' env var | str | |
47-
| tpa_single_node_storage_bucket | Read from 'TPA_STORAGE_S3_BUCKET' env var | str | |
48-
| tpa_single_node_storage_region | Read from 'TPA_STORAGE_REGION' env var | str | |
49-
| tpa_single_node_storage_trust_anchors | Read from 'TPA_STORAGE_TRUST_ANCHORS' env var, trust anchors separated by , | str | |
50-
| tpa_single_node_storage_secret | storage-secret.yaml path on the target machine | str | `/etc/rhtpa/manifests/storage-secret.yaml` |
51-
| tpa_single_node_oidc_secret | oidc-secret.yaml path on the target machine | str | `/etc/rhtpa/manifests/oidc-secret.yaml` |
52-
| tpa_single_node_probe_initial_delay_seconds | Initial prob delay in seconds | int | `30` |
53-
| tpa_single_node_cpu | CPU for deployment | int | `1` |
54-
| tpa_single_node_memory | Memory for deployment | str | `8Gi` |
55-
| tpa_single_node_server_pvc_claim | Server PVC Claim | str | `32Gi` |
56-
| tpa_single_node_log_filter | Rust Log filter | str | `info` |
57-
| tpa_single_node_server_req_limit | HTTP Server Request limit | str | |
58-
| tpa_single_node_server_json_limit | HTTP Server JSON limit | str | |
59-
| tpa_single_node_upload_limit | Upload limit for Files | str | |
60-
| tpa_single_node_storage_compression | Compression logic for storage | str | |
21+
| Option | Description |Type|Default|
22+
|---------------------------------------------|-----------------------------------------------------------------------------------------------|---|---|
23+
| tpa_single_node_trustification_image | Trustification image. | str | `registry.redhat.io/rhtpa/rhtpa-trustification-service-rhel9:0bef82c8139cc89ef4840e36ad519ca24bb54f70` |
24+
| tpa_single_node_base_hostname | The user name logging in to the registry to pull images. | str | `trustification` |
25+
| tpa_single_node_certificates_dir | Folder where to place the certificates to deploy on the instance. | str | `certs` |
26+
| tpa_single_node_config_dir | Configuration directory on the instance. | str | `/etc/rhtpa` |
27+
| tpa_single_node_kube_manifest_dir | Configuration directory on the instance containing the manifests. | str | `/etc/rhtpa/manifests` |
28+
| tpa_single_node_namespace | Podman network namespace. | str | `trustification` |
29+
| tpa_single_node_podman_network | Podman network name. | str | `tcnet` |
30+
| tpa_single_node_systemd_directory | Folder where to store the systemd configurations files. | str | `/etc/systemd/system` |
31+
| tpa_single_node_default_empty | Default empty value. | str | |
32+
| tpa_single_node_pg_host | Host ip of the postgresql db instance. Readed from the TPA_PG_HOST env | str | |
33+
| tpa_single_node_pg_port | Port of the postgresql db instance. | str | `5432` |
34+
| tpa_single_node_pg_db | DB name. | str | `trustify` |
35+
| tpa_single_node_pg_admin_db | DB Admin name. | str | `postgres` |
36+
| tpa_single_node_pg_ssl_mode | DB SSL mode require/disable. | str | `require` |
37+
| tpa_single_node_oidc_issuer_url | Readed from TPA_OIDC_ISSUER_URL env var | str | |
38+
| tpa_single_node_oidc_frontend_id | Readed from TPA_OIDC_FRONTEND_ID env var | str | |
39+
| tpa_single_node_oidc_client_id | Readed from TPA_OIDC_CLIENT_ID env var | str | |
40+
| tpa_single_node_oidc_client_secret | Readed from TPA_OIDC_CLIENT_SECRET env var | str | |
41+
| tpa_single_node_oidc_tls_insecure | Readed from TPA_OIDC_TLS_INSECURE env var | str | |
42+
| tpa_single_node_oidc_ui_load_user | Value for UI_OIDC_LOAD_USER environment variable. Readed from TPA_OIDC_UI_LOAD_USER env var | str | `true` |
43+
| tpa_single_node_oidc_ui_scope | Optional value for UI_SCOPE environment variable. Readed from TPA_OIDC_UI_SCOPE env var | str | |
44+
| tpa_single_node_aws_cognito_domain | Readed from TPA_OIDC_COGNITO_DOMAIN env var | str | |
45+
| tpa_single_node_storage_access_key | Read from 'TPA_STORAGE_ACCESS_KEY' env var | str | |
46+
| tpa_single_node_storage_secret_key | Read from 'TPA_STORAGE_SECRET_KEY' env var | str | |
47+
| tpa_single_node_storage_bucket | Read from 'TPA_STORAGE_S3_BUCKET' env var | str | |
48+
| tpa_single_node_storage_region | Read from 'TPA_STORAGE_REGION' env var | str | |
49+
| tpa_single_node_storage_trust_anchors | Read from 'TPA_STORAGE_TRUST_ANCHORS' env var, trust anchors separated by , | str | |
50+
| tpa_single_node_storage_secret | storage-secret.yaml path on the target machine | str | `/etc/rhtpa/manifests/storage-secret.yaml` |
51+
| tpa_single_node_oidc_secret | oidc-secret.yaml path on the target machine | str | `/etc/rhtpa/manifests/oidc-secret.yaml` |
52+
| tpa_single_node_probe_initial_delay_seconds | Initial prob delay in seconds | int | `30` |
53+
| tpa_single_node_cpu | CPU for deployment | int | `1` |
54+
| tpa_single_node_memory | Memory for deployment | str | `8Gi` |
55+
| tpa_single_node_server_pvc_claim | Server PVC Claim | str | `32Gi` |
56+
| tpa_single_node_log_filter | Rust Log filter | str | `info` |
57+
| tpa_single_node_server_req_limit | HTTP Server Request limit | str | |
58+
| tpa_single_node_server_json_limit | HTTP Server JSON limit | str | |
59+
| tpa_single_node_upload_limit | Upload limit for Files | str | |
60+
| tpa_single_node_storage_compression | Compression logic for storage | str | |
6161

6262
## Example Playbook
6363
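Review bot: new line 42 documents the target variable as UI_OIDC_LOAD_USER, while argument_specs.yml in this commit says OIDC_UI_LOAD_USER and the Deployment template actually sets UI_LOAD_USER, which leaves three spellings for one setting. Use the template's name in this row. The hunk also re-pads every row of the table for a one-row change, so the rename is buried in 40 changed lines; moving the column re-alignment to its own commit would keep the functional edit reviewable. The row does not say which values are accepted or what the setting controls, which is worth a sentence for an OIDC option that defaults to `true`.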

roles/tpa_single_node/meta/argument_specs.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -121,8 +121,8 @@ argument_specs:
121121
type: "str"
122122
required: false
123123
version_added: "2.0.0"
124-
tpa_single_node_oidc_user_info:
125-
description: "Value for OIDC_USER_INFO environment variable. Readed from TPA_OIDC_USER_INFO env var"
124+
tpa_single_node_oidc_ui_load_user:
125+
description: "Value for OIDC_UI_LOAD_USER environment variable. Readed from TPA_OIDC_UI_LOAD_USER env var"
126126
type: "str"
127127
required: false
128128
version_added: "2.2.4"
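Review bot: the description on new line 125 says the value feeds OIDC_UI_LOAD_USER, but the template in this commit emits `- name: UI_LOAD_USER`; the spec should name the variable that is really set. The option is also declared `type: "str"` with no choices although vars/main.yml defaults it to 'true'. If only true and false are meaningful, `type: "bool"` or `choices: ["true", "false"]` would let argument validation reject a mistyped value instead of passing it through to the container.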

roles/tpa_single_node/templates/manifests/server/Deployment.yaml.j2

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -139,8 +139,8 @@ spec:
139139
secretKeyRef:
140140
name: oidc_secret
141141
key: front_end
142-
- name: OIDC_USER_INFO
143-
value: "{{ tpa_single_node_oidc_user_info }}"
142+
- name: UI_LOAD_USER
143+
value: "{{ tpa_single_node_oidc_ui_load_user }}"
144144
{% if tpa_single_node_oidc_ui_scope != '' %}
145145
- name: UI_SCOPE
146146
value: "{{ tpa_single_node_oidc_ui_scope }}"
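Review bot: on new lines 142-143 the content of tpa_single_node_oidc_ui_load_user is interpolated into a double-quoted YAML scalar exactly as it arrived from the environment, so a value containing a quote or a newline produces a broken or altered manifest. Normalising at the point of use, for example `value: "{{ tpa_single_node_oidc_ui_load_user | bool | lower }}"`, limits the rendered value to true or false. Nothing visible in this commit confirms that UI_LOAD_USER is the name the server image reads; since the README and argument_specs.yml each use a different spelling, a pointer to the upstream setting in the commit message would settle which one is authoritative.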

roles/tpa_single_node/vars/main.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ tpa_single_node_oidc_frontend_id: "{{ lookup('env', 'TPA_OIDC_FRONTEND_ID') | de
3535
tpa_single_node_oidc_client_id: "{{ lookup('env', 'TPA_OIDC_CLIENT_ID') | default('None', true) }}"
3636
tpa_single_node_oidc_client_secret: "{{ lookup('env', 'TPA_OIDC_CLIENT_SECRET') | default('None', true) }}"
3737
tpa_single_node_oidc_tls_insecure: "{{ lookup('env', 'TPA_OIDC_TLS_INSECURE') | default('false', true) }}"
38-
tpa_single_node_oidc_user_info: "{{ lookup('env', 'TPA_OIDC_USER_INFO') | default('true', true) }}"
38+
tpa_single_node_oidc_ui_load_user: "{{ lookup('env', 'TPA_OIDC_UI_LOAD_USER') | default('true', true) }}"
3939
tpa_single_node_oidc_ui_scope: "{{ lookup('env', 'TPA_OIDC_UI_SCOPE') | default('', true) }}"
4040

4141
## AWS OIDC fields
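Review bot: new line 38 drops the TPA_OIDC_USER_INFO lookup with no fallback, so an environment that still exports the old name (for example set to false) silently gets the default 'true' after this change. Either keep the old name as a fallback for one release, e.g. `lookup('env', 'TPA_OIDC_UI_LOAD_USER') | default(lookup('env', 'TPA_OIDC_USER_INFO'), true) | default('true', true)`, or add a pre-task that fails when TPA_OIDC_USER_INFO is set, so the rename cannot change behaviour unnoticed.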
