Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-1331

Dex configuration using ".spec.sso" provider

    XMLWordPrintable

Details

    • Dex configuration using ".spec.sso" provider
    • 8
    • Backlog - Operator, GITOPS Sprint 209, GITOPS Sprint 210, GITOPS Sprint 211
    • False

    Description

      As an Argo CD admin/user I would like to see all the SSO provider under `.spec.sso` field in the Argo CD CR. Moving to this "provider" parameter will allow at most one SSO provider to be enabled at any time. We can then enforce Dex pods should only be created when `.spec.sso.provider: dex` is enabled

      Background:

      1. Currently Keycloak SSO provider can be configured using the `.spec.sso.provider` option whereas Dex can be configured using the `.spec.dex` field in the Argo CD CR. The goal is to have a unified location for all the SSO providers.
      2. Currently Dex pods are created by default for any Argo CD instance created by the gitops-operator unless the DISABLE_DEX env var is set to `true` in the CSV/Subscription resource. This behavior should be changed. Dex pods should only be created when `.spec.sso.provider: dex` is configured in the Argo CD CR.

      Acceptance Criteria:

      • `.spec.dex` is deprecated and a notice is added to release notes that it will be removed in 1.9
      • A k8s event is created when `.spec.dex` is used by customer (Slack convo)
      • `.spec.sso` is added as the right way of specifying sso provider and added to the release notes
      • Dex pods should only be created when `.spec.sso.provider: dex` is configured in the Argo CD CR.

      Attachments

        Issue Links

          Activity

            People

              jrao@redhat.com Jaideep Rao
              aveerama@redhat.com Abhishek Veeramalla
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: