Usage - access control¶
Access control is primarily managed using the Ansible playbooks and configuration in the stackhpc-release-train and stackhpc-release-train-clients repositories. The readme file in each repository provides information on how to install dependencies and run playbooks. The playbooks are designed to be run manually or via a GitHub Actions CI job. This page covers the different workflows available for access control.
Create content guards¶
This workflow must currently be run manually. It involves the following playbook in the stackhpc-release-train repository:
dev-pulp-content-guards.yml
: Create RBAC content-guards.
It should almost never need to be run.
To run it manually:
ansible-playbook -i ansible/inventory \
ansible/dev-pulp-content-guards.yml
Configuration for content guards is in ansible/inventory/group_vars/all/dev-pulp-repos.
Generating client credentials¶
TODO