From ce65bb554c31f872bbeee79832cf46650f6c052b Mon Sep 17 00:00:00 2001 From: Daniel Gomes Date: Wed, 13 May 2020 02:04:43 +0100 Subject: [PATCH 1/2] Improve Main Team documentation by adding the available flags Signed-off-by: Daniel Gomes --- lit/docs/auth/main-team.lit | 40 ++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/lit/docs/auth/main-team.lit b/lit/docs/auth/main-team.lit index 76d2392d..229b439b 100644 --- a/lit/docs/auth/main-team.lit +++ b/lit/docs/auth/main-team.lit @@ -11,9 +11,47 @@ team, so \code{main} is a special-case. The \code{main} team is different in that all flags normally passed to \reference{fly-set-team} are instead passed to the \code{concourse web} -command, prefixed with \code{--main-team-}. The values set in these flags +command, prefixed with \code{--main-team-}. The values set in these \reference{main-team-flags}{flags} take effect whenever the \code{web} node starts up. This is done so that you can't get locked out. To learn how to configure your \code{main} team, continue on to the appropriate section for your auth provider of choice under \reference{configuring-auth}. + +\section{ + \title{main-team flags}{main-team-flags} + + These are the available \bold{main-team} flags that can be passed to \code{concourse web} command: + + \definitions{ + \definition{\code{--main-team-local-user=test,admin}}{ + A whitelisted local concourse user. These are the users you've added at web startup with the --add-local-user flag. + } + }{ + \definition{\code{--main-team-config=/path/to/roles.yml}}{ + A .yml file with a single field, roles:, pointing to a list of role authorization configs. + + All of the attributes in each config will vary by provider. Consult the + appropriate section for your provider under \reference{configuring-auth} + for specifics. + + For example, the following config sets three roles with different auth + config for each role's provider: + + \codeblock{bash}{{{ + roles: + - name: owner + github: + users: ["admin"] + - name: member + github: + teams: ["org:team"] + - name: viewer + github: + orgs: ["org"] + local: + users: ["visitor"] + }}} + } + } +} From 97fdaf4d8943f5cee471b831df161cff9d1fc004 Mon Sep 17 00:00:00 2001 From: Daniel Gomes Date: Wed, 13 May 2020 02:07:41 +0100 Subject: [PATCH 2/2] minor improvements Signed-off-by: Daniel Gomes --- lit/docs/auth/main-team.lit | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lit/docs/auth/main-team.lit b/lit/docs/auth/main-team.lit index 229b439b..f97f3095 100644 --- a/lit/docs/auth/main-team.lit +++ b/lit/docs/auth/main-team.lit @@ -19,7 +19,7 @@ To learn how to configure your \code{main} team, continue on to the appropriate section for your auth provider of choice under \reference{configuring-auth}. \section{ - \title{main-team flags}{main-team-flags} + \title{The main-team flags}{main-team-flags} These are the available \bold{main-team} flags that can be passed to \code{concourse web} command: @@ -28,7 +28,7 @@ section for your auth provider of choice under \reference{configuring-auth}. A whitelisted local concourse user. These are the users you've added at web startup with the --add-local-user flag. } }{ - \definition{\code{--main-team-config=/path/to/roles.yml}}{ + \definition{\code{--main-team-config=/path/to/main-team-roles.yml}}{ A .yml file with a single field, roles:, pointing to a list of role authorization configs. All of the attributes in each config will vary by provider. Consult the