Skip to content

Commit

Permalink
oauthenticator 16: remove outdated comment about allowed_users
Browse files Browse the repository at this point in the history
  • Loading branch information
consideRatio committed Sep 10, 2023
1 parent 66056b9 commit c1d73c3
Show file tree
Hide file tree
Showing 13 changed files with 62 additions and 99 deletions.
14 changes: 5 additions & 9 deletions config/clusters/2i2c-aws-us/dask-staging.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,6 @@ basehub:
tag: "2022.06.02"
hub:
config:
Authenticator:
# This hub uses GitHub Org auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed orgs.
#
# You must always set admin_users, even if it is an empty list,
# otherwise `add_staff_user_ids_to_admin_users: true` will fail
# silently and no staff members will have admin access.
admin_users: []
JupyterHub:
authenticator_class: "github"
GitHubOAuthenticator:
Expand All @@ -50,3 +41,8 @@ basehub:
- 2i2c-org
scope:
- read:org
Authenticator:
# You must always set admin_users, even if it is an empty list,
# otherwise `add_staff_user_ids_to_admin_users: true` will fail
# silently and no staff members will have admin access.
admin_users: []
4 changes: 2 additions & 2 deletions config/clusters/2i2c-aws-us/researchdelight.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,15 +34,15 @@ basehub:
config:
JupyterHub:
authenticator_class: github
Authenticator:
enable_auth_state: true
GitHubOAuthenticator:
populate_teams_in_auth_state: true
allowed_organizations:
- 2i2c-org:hub-access-for-2i2c-staff
- 2i2c-org:research-delight-team
scope:
- read:org
Authenticator:
enable_auth_state: true
singleuser:
image:
name: quay.io/2i2c/researchdelight-image
Expand Down
14 changes: 5 additions & 9 deletions config/clusters/2i2c-aws-us/staging.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,15 +28,6 @@ jupyterhub:
url: https://2i2c.org
hub:
config:
Authenticator:
# This hub uses GitHub Org auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed orgs.
#
# You must always set admin_users, even if it is an empty list,
# otherwise `add_staff_user_ids_to_admin_users: true` will fail
# silently and no staff members will have admin access.
admin_users: []
JupyterHub:
authenticator_class: "github"
GitHubOAuthenticator:
Expand All @@ -45,3 +36,8 @@ jupyterhub:
- 2i2c-org
scope:
- read:org
Authenticator:
# You must always set admin_users, even if it is an empty list,
# otherwise `add_staff_user_ids_to_admin_users: true` will fail
# silently and no staff members will have admin access.
admin_users: []
13 changes: 5 additions & 8 deletions config/clusters/2i2c-uk/lis.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -49,17 +49,14 @@ jupyterhub:
config:
JupyterHub:
authenticator_class: github
Authenticator:
# This hub uses GitHub Orgs auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed orgs. These people should have admin access though.
admin_users:
- LaCrecerelle
- matthew-brett
GitHubOAuthenticator:
oauth_callback_url: "https://ds.lis.2i2c.cloud/hub/oauth_callback"
allowed_organizations:
- 2i2c-org
- lisacuk
scope:
- read:org
oauth_callback_url: "https://ds.lis.2i2c.cloud/hub/oauth_callback"
Authenticator:
admin_users:
- LaCrecerelle
- matthew-brett
13 changes: 5 additions & 8 deletions config/clusters/awi-ciroh/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,21 +33,18 @@ basehub:
config:
JupyterHub:
authenticator_class: github
Authenticator:
# This hub uses GitHub Orgs auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed orgs. These people should have admin access though.
admin_users:
- jameshalgren
- arpita0911patel
- karnesh
GitHubOAuthenticator:
allowed_organizations:
- 2i2c-org
- alabamawaterinstitute
- NOAA-OWP
scope:
- read:org
Authenticator:
admin_users:
- jameshalgren
- arpita0911patel
- karnesh
singleuser:
image:
# Image build repo: https://github.com/2i2c-org/awi-ciroh-image
Expand Down
13 changes: 5 additions & 8 deletions config/clusters/leap/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,14 +42,6 @@ basehub:
tag: "0.0.1-0.dev.git.6863.h406a3546"
allowNamedServers: true
config:
Authenticator:
enable_auth_state: true
# This hub uses GitHub Teams auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed teams. These people should have admin access though.
admin_users:
- rabernat
- jbusecke
JupyterHub:
authenticator_class: github
# Announcement is a JupyterHub feature to present messages to users in
Expand All @@ -76,6 +68,11 @@ basehub:
- 2i2c-org:hub-access-for-2i2c-staff
scope:
- read:org
Authenticator:
enable_auth_state: true
admin_users:
- rabernat
- jbusecke
singleuser:
image:
name: pangeo/pangeo-notebook
Expand Down
9 changes: 3 additions & 6 deletions config/clusters/linked-earth/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,18 +33,15 @@ basehub:
config:
JupyterHub:
authenticator_class: github
Authenticator:
# This hub uses GitHub Orgs auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed orgs. These people should have admin access though.
admin_users:
- khider
GitHubOAuthenticator:
allowed_organizations:
- 2i2c-org
- LinkedEarth
scope:
- read:org
Authenticator:
admin_users:
- khider
singleuser:
image:
# User image repo: https://quay.io/repository/linkedearth/pyleoclim
Expand Down
13 changes: 5 additions & 8 deletions config/clusters/m2lines/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -39,14 +39,6 @@ basehub:
hub:
allowNamedServers: true
config:
Authenticator:
# This hub uses GitHub Teams auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed teams. These people should have admin access though.
admin_users:
- rabernat
- johannag126
- jbusecke
JupyterHub:
authenticator_class: github
GitHubOAuthenticator:
Expand All @@ -55,6 +47,11 @@ basehub:
- 2i2c-org:hub-access-for-2i2c-staff
scope:
- read:org
Authenticator:
admin_users:
- rabernat
- johannag126
- jbusecke
singleuser:
extraFiles:
jupyter_notebook_config.json:
Expand Down
28 changes: 13 additions & 15 deletions config/clusters/nasa-cryo/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,21 +37,6 @@ basehub:
hub:
allowNamedServers: true
config:
Authenticator:
# We are restricting profiles based on GitHub Team membership and
# so need to persist auth state
enable_auth_state: true
# This hub uses GitHub Teams auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed teams. These people should have admin access though.
admin_users:
- tsnow03
- JessicaS11
- jdmillstein
- dfelikson
- fperez
- scottyhq
- jomey
JupyterHub:
authenticator_class: github
GitHubOAuthenticator:
Expand All @@ -64,6 +49,19 @@ basehub:
- CryoInTheCloud:cryocloudadvanced
scope:
- read:org
Authenticator:
# We are restricting profiles based on GitHub Team membership and
# so need to persist auth state
enable_auth_state: true
admin_users:
- tsnow03
- JessicaS11
- jdmillstein
- dfelikson
- fperez
- scottyhq
- jomey

singleuser:
extraFiles:
# jupyter_server_config.json is defined by basehub, this entry adds to it
Expand Down
15 changes: 6 additions & 9 deletions config/clusters/pangeo-hubs/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,15 +38,6 @@ basehub:
hub:
allowNamedServers: true
config:
Authenticator:
# This hub uses GitHub Teams auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed teams. These people should have admin access though.
admin_users:
- rabernat
- jhamman
- scottyhq
- TomAugspurger
JupyterHub:
authenticator_class: github
GitHubOAuthenticator:
Expand All @@ -55,6 +46,12 @@ basehub:
- 2i2c-org:hub-access-for-2i2c-staff
scope:
- read:org
Authenticator:
admin_users:
- rabernat
- jhamman
- scottyhq
- TomAugspurger
singleuser:
extraEnv:
GH_SCOPED_CREDS_CLIENT_ID: "Iv1.c90ee430400a347f"
Expand Down
11 changes: 4 additions & 7 deletions config/clusters/qcl/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,6 @@ jupyterhub:
hub:
allowNamedServers: true
config:
Authenticator:
# This hub uses GitHub Teams auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed teams. These people should have admin access though.
admin_users:
- gizmo404
- jtkmckenna
JupyterHub:
authenticator_class: github
GitHubOAuthenticator:
Expand All @@ -51,6 +44,10 @@ jupyterhub:
- QuantifiedCarbon:jupyterhub
scope:
- read:org
Authenticator:
admin_users:
- gizmo404
- jtkmckenna
singleuser:
image:
# pangeo/pangeo-notebook is maintained at: https://github.com/pangeo-data/pangeo-docker-images
Expand Down
3 changes: 0 additions & 3 deletions config/clusters/smithsonian/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,6 @@ basehub:
- read:org
Authenticator:
enable_auth_state: true
# This hub uses GitHub Orgs auth and so we don't set allowed_users in
# order to not deny access to valid members of the listed orgs. These
# people should have admin access though.
admin_users:
- MikeTrizna # Mike Trizna
- rdikow # Rebecca Dikow
Expand Down
11 changes: 4 additions & 7 deletions config/clusters/victor/common.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,13 +34,6 @@ basehub:
url: https://people.climate.columbia.edu/projects/sponsor/National%20Science%20Foundation
hub:
config:
Authenticator:
# This hub uses GitHub Teams auth and so we don't set
# allowed_users in order to not deny access to valid members of
# the listed teams. These people should have admin access though.
admin_users:
- einatlev-ldeo
- SamKrasnoff
JupyterHub:
authenticator_class: github
GitHubOAuthenticator:
Expand All @@ -49,6 +42,10 @@ basehub:
- VICTOR-Community:victoraccess
scope:
- read:org
Authenticator:
admin_users:
- einatlev-ldeo
- SamKrasnoff
singleuser:
profileList:
# The mem-guarantees are here so k8s doesn't schedule other pods
Expand Down

0 comments on commit c1d73c3

Please sign in to comment.