Add allow_oauth_origin discussion to README.md#270
Add allow_oauth_origin discussion to README.md#270sean-horn wants to merge 1 commit intohabitat-sh:mainfrom
Conversation
Oauth between an external Builder and Automate appears to require allow_oauth_origin to be set properly. Also included troubleshooting. Signed-off-by: Sean Horn <horn@progress.com>
| ``` | ||
|
|
||
| 1. Edit `bldr.env`: | ||
| * You must have version chef/automate-builder-api-proxy/0.1.0/20230111051525 or higher of builder-api-proxy, you can check by viewing the hab package storage area on your system |
There was a problem hiding this comment.
If they are using builder-api-proxy via the automate wrapped chef/automate-builder-api-proxy then they are using an integrated automate bundled builder which should have the same origin domain as automate and should not suffer the cross-origin issue. This becomes an issue when using a separate standalone on-prem builder.
|
|
||
| 1. Edit `bldr.env`: | ||
| * You must have version chef/automate-builder-api-proxy/0.1.0/20230111051525 or higher of builder-api-proxy, you can check by viewing the hab package storage area on your system | ||
| * You must set the following setting. Replace AUTOMATE-FQDN with the FQDN of your Automate system: **allow_oauth_origin** should have the value https://AUTOMATE-FQDN/ |
There was a problem hiding this comment.
the on-prem installer should automatically set ALLOW_OAUTH_ORIGIN if you are specifying chef-automate as the oauth provider. However if they simply update their builder-api-proxy package without running the installer then this is a good callout but we should b clear that it should be set under the [nginx] toml table in /hab/user/builder-api-proxy/config/user.toml. Also it needs to be uppercase.
2 participants
Oauth between an external Builder and Automate appears to require allow_oauth_origin to be set properly.
Also included troubleshooting.
Signed-off-by: Sean Horn horn@progress.com