Restrict Application Creation
How to restrict application creation in Spinnaker with Fiat Permissions
This post will show you how to configure GitHub and Spinnaker to use GitHub as an OAuth2 authenticator. This post assumes you have the ability to modify developer settings for your GitHub organization, access to Halyard and configured DNS and SSL for your Spinnaker instance.
--pre-established-redirect-uriin halyard and the URL needs
loginappended to your gate endpoint e.g. https://gate.spinnaker.acme.com/login or https://spinnaker.acme.com/gate/login
Run the following commands in Halyard with your Client ID and Client Secret.
CLIENT_ID=a08xxxxxxxxxxxxx93 CLIENT_SECRET=6xxxaxxxxxxxxxxxxxxxxxxx59 PROVIDER=github hal config security authn oauth2 edit \ --client-id $CLIENT_ID \ --client-secret $CLIENT_SECRET \ --provider $PROVIDER \ --scope read:org,user:email \ --pre-established-redirect-uri "https://gate.spinnaker.acme.com/login" hal config security authn oauth2 enable