Implement idam and gitlab sso

[corang]

paired with @Michael-Kruggel

[mikevanhemert]

This looks awesome! ~Three~ Two smallish questions

1. ~Is there a time / way we would move the IdAM GitLab, IdAM Realm, and DNS stuff out of SWF and parameterize it so it could be more easily integrated into other bundles?~ I read more into this and realize the question is dumb. Please disregard :smiling_face_with_tear:
2. How heavy of a lift is is to replace babyyoda Realm with something Defense Unicornier like a doug realm?
3. What are the required next steps (if any?) to make this run-time configurable for different hero environments?

[corang]

This looks awesome! ~Three~ Two smallish questions

1. ~Is there a time / way we would move the IdAM GitLab, IdAM Realm, and DNS stuff out of SWF and parameterize it so it could be more easily integrated into other bundles?~ I read more into this and realize the question is dumb. Please disregard 🥲

2. How heavy of a lift is is to replace babyyoda Realm with something Defense Unicornier like a doug realm?

3. What are the required next steps (if any?) to make this run-time configurable for different hero environments?

@mikevanhemert

1. all good
2. I'm not very familiar with keycloak but I don't think it would be too hard
3. It's configurable for different environments already. You have to set some variables off of their defaults, provide your own realm file, and provide your own definition of the omniauth config for gitlab

[corang]

confirmed locally that it works, but we really need a different realm 😓 It wants me to setup 2fa for a test acccount

[Michael-Kruggel]

/test all :robot: View pipeline run

[corang]

/test all :robot: View pipeline run

[corang]

Confirmed can login with a keycloak account into gitlab

[corang]

/test all :robot: View pipeline run