
Commit 8bb1f7e

docs: Sprint 38 INT-08b CHANGELOG v1.34.0 + TODO INT-08b marked done
1 parent 6e36e84 commit 8bb1f7e

2 files changed

+19
-1
lines changed

CHANGELOG.md

Lines changed: 18 additions & 1 deletion
@@ -9,7 +9,24 @@ This project adheres to [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
99
## [Unreleased]
1010

1111
### Planned — Next Up
12-
- Remaining SSO integrations (INT-08b)
12+
- Business workflow integrations (FreePBX↔SuiteCRM, SuiteCRM↔Odoo, Zabbix↔Mattermost, etc.)
13+
14+
---
15+
16+
## [1.34.0] — 2026-03-04
17+
18+
### Added — Sprint 38: INT-08b Snipe-IT ↔ Keycloak SAML 2.0
19+
20+
**Ansible (`it-stack-ansible`):**
21+
- `roles/snipeit/tasks/keycloak-saml.yml` — INT-08b idempotent 8-step SAML 2.0 playbook: assert KC IdP metadata reachable, assert EntityDescriptor + X509Certificate, extract cert + build all SP/IdP URL facts, deploy `snipeit-saml-settings.env.j2` to `.env.saml`, blockinfile SAML2 vars into `.env`, run `php artisan saml2:create-tenant`, flush handlers, final assert
22+
- `roles/snipeit/templates/snipeit-saml-settings.env.j2` — SAML2 .env config template: `SAML2_ENABLED`, `SAML2_IDP_METADATA_URL`, SP entity ID + ACS + SLO URLs, IdP entityID + SSO/SLO endpoints, IdP X509 cert, attribute mapping (uid/email/givenName/sn), `KEYCLOAK_URL/REALM/CLIENT_ID`
23+
- `roles/snipeit/tasks/main.yml` — added `keycloak-saml.yml` import guarded by `snipeit_enable_keycloak_saml | default(true)`
24+
25+
**Integration test (`it-stack-snipeit`):**
26+
- `docker/snipeit-ldap-seed.ldif` — FreeIPA-style LDAP seed (cn=accounts tree, users: snipeadmin/snipeuser1/snipeuser2, groups: admins/snipeit-users)
27+
- `docker/docker-compose.integration.yml` — added `snipeit-i05-ldap-seed` init service (ldapadd, depends on LDAP healthy, restart: "no"), KC `depends_on: service_completed_successfully`, KC healthcheck updated to `/health/ready`, injected `SAML2_ENABLED + SAML2_IDP_METADATA_URL + SAML2_SP_ENTITY_ID + SAML2_SP_ACS_URL + SAML2_AUTOLOAD_METADATA` into Snipe-IT app container
28+
- `tests/labs/test-lab-16-05.sh` — rewritten: 8-phase INT-08b test (container health + seed exit, MariaDB/WireMock/KC/Snipe-IT health, LDAP seed verify, KC realm + LDAP federation + SAML client registration + LDAP sync, SAML IdP metadata HTTP + EntityDescriptor + X509 cert + internal reach, env var assertions, WireMock Odoo stubs + Snipe-IT connectivity, volume + DB/LDAP/MAIL env assertions)
29+
- `.github/workflows/ci.yml` — lab-05-smoke updated (name, python3 tool, wait order: MariaDB → OpenLDAP → LDAP seed exit → KC 300 s health/ready → WireMock → Snipe-IT)
1330

1431
---
1532
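Review bot: On new line 23, importing `keycloak-saml.yml` behind `snipeit_enable_keycloak_saml | default(true)` makes the SAML configuration opt-out, so a host that already runs the snipeit role gets the SAML2 block written into `.env` and `php artisan saml2:create-tenant` executed on its next play without anyone setting a variable. The entry should state that the default is on and how to turn it off, or the default should be `false`. New lines 21 and 22 also say the IdP X509 certificate is extracted from the KC IdP metadata and written into the env template; since that certificate is what the SP will trust when validating assertions, the entry should say whether the metadata URL is fetched over HTTPS with certificate validation.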

docs/IT-STACK-TODO.md

Lines changed: 1 addition & 0 deletions
@@ -394,6 +394,7 @@ All 5 repos have:
394394
- [x] Zammad ↔ Keycloak OIDC ← **INT-06 DONE** (Sprint 35: keycloak-oidc.yml + Zammad channels API + integration test)
395395
- [x] GLPI ↔ Keycloak SAML ← **INT-07 DONE** (Sprint 36: keycloak-saml.yml + glpi-saml-config.php.j2 + SAML IdP metadata + integration test)
396396
- [x] Taiga ↔ Keycloak OIDC ← **INT-08 DONE** (Sprint 37: keycloak-oidc.yml + taiga-contrib-oidc-auth + taiga-oidc-settings.py.j2 + integration test)
397+
- [x] Snipe-IT ↔ Keycloak SAML ← **INT-08b DONE** (Sprint 38: keycloak-saml.yml + snipeit-saml-settings.env.j2 + LDAP seed + integration test)
397398

398399
### Business Workflow Integrations
399400
- [ ] FreePBX ↔ SuiteCRM (click-to-call, call logging)
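Review bot: The added line 397 marks Snipe-IT ↔ Keycloak SAML as DONE, but the phases listed for `tests/labs/test-lab-16-05.sh` in this commit's CHANGELOG entry cover container health, LDAP seed and sync, SAML client registration, IdP metadata reachability and env var assertions, with no phase that performs a login through the SP ACS URL. Either add an end-to-end SAML login check before ticking the box, or note on this line that the integration is verified at configuration level only.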

0 commit comments
