OAuth2-Proxy Setup

Pre-reads

Pre-requisites

• DIGIT uses golang (required v1.13.3) automated scripts to deploy the builds onto Kubernetes - Linux or Windows or Mac

• kubectl is a CLI to connect to the Kubernetes cluster from your machine

• Install Visualstudio IDE Code for better code/configuration editing capabilities

• Git

• GitHub OAuth app

Oauth2-proxy Setup

• Clone the following DIGIT-DevOps repo (If not already done as part of Infra setup), you may need to install git and then run git clone on your machine.

  git clone -b release https://github.com/egovernments/DIGIT-DevOps

• Add below configs into your environment file

oauth2-proxy:
  config:
    configFile: |-
      email_domains = [ "*" ]
      github_org = "<github_org>"                     # Repalce with GitHub org name
      github_team = "<github_team>,<github_team>"     # Repalce with GitHub teams
      upstreams = [ "file:///dev/null" ]

• Create a GitHub OAuth app and add the below secrets into the environment secrets file

  • GitHub OAuth App Creation

    • Follow the GitHub OAuth app

    • Homepage URL:- mentions your domain name eg. https://<your_domain_name>

    • Authorization callback URL:- https://<your_domain_name>/oauth2/callback

oauth2-proxy:   ## To work oauth2-proxy service, create and add your github OAuth Apps details
    clientID: qwgethjymnbv  
    clientSecret: 3a08079easd95696fd3baad5292
    cookieSecret: QVbnq0L96wtBg==   ## Any random hash value

• Deploy the oauth2-proxy via Jenkins deployment job or go land deployer

  Copy

  cd DIGIT-DevOps/deploy-as-code/deployer
  go run main.go deploy -e <environment_name> 'oauth2-proxy'