Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-5437

UI not available: "oidc: issuer did not match the issuer returned by provider"

XMLWordPrintable

    • False
    • None
    • False
    • Hide
      Before this update, when using dex configuration for SSO, when there is a race condition between the ArgoCD server route becoming ready ready and the gitops operator creating the configuration for the ArgoCD instance, it was not possible to login to the ArgoCD web console UI and the login screen would report an error about invalid redirect URI configured in the dex configuration. This update fixes the issue by having the right dex redirect url updated in the ArgoCD configuration every time the ArgoCD server route is updated.
      Show
      Before this update, when using dex configuration for SSO, when there is a race condition between the ArgoCD server route becoming ready ready and the gitops operator creating the configuration for the ArgoCD instance, it was not possible to login to the ArgoCD web console UI and the login screen would report an error about invalid redirect URI configured in the dex configuration. This update fixes the issue by having the right dex redirect url updated in the ArgoCD configuration every time the ArgoCD server route is updated.
    • Important

      Description of problem:

      GitOps UI is not access with a message:

      Failed to query provider "https://openshift-gitops-server-openshift-gitops.apps.qesno.lab.eng.tlv2.redhat.com/api/dex": oidc: issuer did not match the issuer returned by provider, expected "https://openshift-gitops-server-openshift-gitops.apps.qesno.lab.eng.tlv2.redhat.com/api/dex" got "https://openshift-gitops-server/api/dex"

      After restarting all deployments in the openshift-gitops ns message changed to:

      Invalid redirect URL: the protocol and host (including port) must match and the path must be within allowed URLs if provided

      Workaround - N/A

      Prerequisites (if any, like setup, operators/versions):

      Single Node OpenShift
      OCP version: 4.15.0-ec.3
      GitOps Version:

       oc get csv -n openshift-gitops
NAME                                       DISPLAY                            VERSION   REPLACES                                   PHASE
openshift-gitops-operator.v1.11.0          Red Hat OpenShift GitOps           1.11.0    openshift-gitops-operator.v1.10.1          Succeeded
topology-aware-lifecycle-manager.v4.14.1   Topology Aware Lifecycle Manager   4.14.1    topology-aware-lifecycle-manager.v4.14.0   Succeeded

      Steps to Reproduce

      Check setup ~30 hours after initial deployment/configuraiton

      Actual results:

      UI not accessible

      Expected results:

      UI is accessible

      Reproducibility (Always/Intermittent/Only Once):

      So far that's 1st attempt to deploy OCP 4.15

              rescott1 Regina Scott (Inactive)
              rhn-support-skrenger Simon Krenger
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: