Description of problem:
After keycloak setup in ArgoCD CR, the LOG IN VIA KEYCLOAK fails to login argocd UI using this feature.
Prerequisites (if any, like setup, operators/versions):
Freshly installed Gitops-1.6.4/1.7.1
Steps to Reproduce
- Install Gitops-1.6.4/1.7.1
- Manually delete dex from sso in ArgoCD CR under namespace openshift-gitops
Add to the ArgoCD CR (operator version >= 1.6)
spec:
extraConfig:
oidc.tls.insecure.skip.verify: 'true'
sso:
provider: keycloak
keycloak:
rootCA: "---BEGIN—END—"
- Restart argocd server pod :- $ oc rollout restart deployment.apps/openshift-gitops-server -n openshift-gitops
- The pods will appear like below
NAME READY STATUS RESTARTS AGE cluster-6f76bb747d-wrlxt 1/1 Running 0 13h kam-7b99974b48-n6v6s 1/1 Running 0 13h keycloak-1-deploy 0/1 Completed 0 13h keycloak-1-rkml9 1/1 Running 0 13h openshift-gitops-application-controller-0 1/1 Running 0 13h openshift-gitops-applicationset-controller-7f4cdf977b-bptgk 1/1 Running 0 13h openshift-gitops-redis-794f4dbb9f-dpsvg 1/1 Running 0 13h openshift-gitops-repo-server-767456f978-7r9d5 1/1 Running 0 13h openshift-gitops-server-58d89584f6-gqm4d 1/1 Running 0 13h
6. Navigate and click link to Networking->Routes->openshift-gitops-server under namespace openshift-gitops and open argocd UI
7. Click on LOG IN VIA KEYCLOAK
Actual results:
Below is example of Failed message :-
Failed to query provider "https://keycloak-openshift-gitops.apps.rashmi-pipe-49.maistra.upshift.redhat.com/auth/realms/argocd": Get "https://keycloak-openshift-gitops.apps.rashmi-pipe-49.maistra.upshift.redhat.com/auth/realms/argocd/.well-known/openid-configuration": dial tcp: lookup keycloak-openshift-gitops.apps.rashmi-pipe-49.maistra.upshift.redhat.com on 172.30.0.10:53: no such host
Expected results:
The argocd UI should login using LOG IN VIA KEYCLOAK
Reproducibility (Always/Intermittent/Only Once):
Build Details:
GitOps-1.6.4/1.7.1 on Power