Closed
Bug 1380028
Opened 7 years ago
Closed 7 years ago
[tracker] use auth0 to get Taskcluster credentials
Categories
(Taskcluster :: Services, enhancement)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: dustin)
References
()
Details
This entails implementing something like the proof-of-concept in bug 1354251.
Assignee | ||
Comment 1•7 years ago
|
||
Planned process to accomplish this: https://gist.github.com/djmitche/ac2ed4446f024a6cb978e8061487c5a7
Assignee | ||
Updated•7 years ago
|
Assignee | ||
Comment 2•7 years ago
|
||
My thinking for next steps are: once https://github.com/taskcluster/taskcluster-tools/pull/307 lands - enable auth0, but leave Okta, in the tools site (with a tooltip indicating auth0 is being tested, ..) - test - disable Okta in the tools site once that's complete and tools is no longer using the login UI - enable auth0 in the login site with suitable messaging about testing Friday - disable Okta in the login site
Assignee | ||
Comment 3•7 years ago
|
||
auth0 is enabled on tools - just waiting for the CDN to realize that
Assignee | ||
Comment 4•7 years ago
|
||
> - enable auth0, but leave Okta, in the tools site ✓
> - test ✓
> - enable auth0 in the login site with suitable messaging about testing ✓
I haven't disabled Okta anywhere yet -- I'll wait until tomorrow to see if there's any issue with session renewal, etc.
Assignee | ||
Comment 5•7 years ago
|
||
Okta's disabled everywhere now. PR's are landing to remove support.
Assignee | ||
Comment 6•7 years ago
|
||
https://github.com/taskcluster/taskcluster-tools/pull/335
Assignee | ||
Comment 7•7 years ago
|
||
https://github.com/taskcluster/taskcluster-login/pull/64 These PRs are really just cleanup -- we are no longer using Okta.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Comment 8•7 years ago
|
||
Commits pushed to master at https://github.com/taskcluster/taskcluster-login https://github.com/taskcluster/taskcluster-login/commit/bc970077cf0dda65322cec3a5ccdb6318d59f725 Bug 1380028 - remove Okta support https://github.com/taskcluster/taskcluster-login/commit/3d8d3fb70b0fadea331d9286b06ebd1c9ccb9e31 Merge pull request #64 from djmitche/remove-okta Bug 1380028 - remove Okta support
Comment 9•7 years ago
|
||
Commit pushed to master at https://github.com/taskcluster/taskcluster-tools https://github.com/taskcluster/taskcluster-tools/commit/c32b7a17d0513ce5720d1c0d8192ccfcd5eccf76 Bug 1380028 - remove Okta support (and email)
Comment 10•7 years ago
|
||
Dustin, I have problems with the website since this got live. This morning I had to re-auth to Auth0 because Okta was not accepted, which I did, gave all permissions to TC. And now, intermittently but very often, the task inspector pages are popping with NetworkError, taking long time to load and effectively making me impossible to use TC when authenticated ; thus unable to retrigger tasks, etc. NetworkError comes from a 503 HTTP error on the OPTIONS against https://login.taskcluster.net/v1/oidc-credentials/mozilla-auth0
Flags: needinfo?(dustin)
Assignee | ||
Comment 11•7 years ago
|
||
That appears to be Mozillians bustage -- I've filed bug 1404606 to track the TC impact, and disabled Mozillians logins for the moment, and bug 1404607 for the Mozillians bustage.
Flags: needinfo?(dustin)
Comment 12•7 years ago
|
||
Thanks, I can confirm it looks much better now :)
Updated•5 years ago
|
Component: Login → Services
You need to log in
before you can comment on or make changes to this bug.
Description
•