Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-5977

openshift-gitops-controller-manager pod logs shoot up enabling keycloak

XMLWordPrintable

    • 5
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide
      Before this update, the scope configuration in the RBAC ConfigMap was set to '[groups,email]' without updating the Spec.RBAC.Scopes which caused a conflict during the ConfigMap sync when switching to Keycloak SSO and updating the ArgoCDConfiguration. This update fixes the issue by adding the logic to preserve the RBAC scope configuration in the RBAC ConfigMap when updating to SSO Keycloak.
      Show
      Before this update, the scope configuration in the RBAC ConfigMap was set to '[groups,email]' without updating the Spec.RBAC.Scopes which caused a conflict during the ConfigMap sync when switching to Keycloak SSO and updating the ArgoCDConfiguration. This update fixes the issue by adding the logic to preserve the RBAC scope configuration in the RBAC ConfigMap when updating to SSO Keycloak.
    • 5
    • GitOps Crimson - Sprint 3269, GitOps Crimson Sprint 3270

      Description of Problem

      • Upon enabling keycloak, controller pod logs shoot up

      Additional Info

      • <Any additional info such as logs, must-gather outputs, etc.>

      Problem Reproduction

      • Install the operator
      • Disable dex and enable keycloak
      $ oc -n openshift-gitops patch argocd openshift-gitops --type='json' -p='[{
  "op": "add", 
  "path": "/spec/extraConfig", 
  "value":{
    "oidc.tls.insecure.skip.verify": "true"
  }
},
{
  "op": "add", 
  "path": "/spec/sso",
  "value": {
      "keycloak": {
          "rootCA": "---BEGIN---END---"
      },
      "provider": "keycloak"
    }
}]'

      Reproducibility

      • Always

      Prerequisites/Environment

      • Tested on gitops version 1.13.3, 1.14.2 and 1.15.0, OCP version 4.14 and 4.17

      Steps to Reproduce

      • SeeĀ Problem Reproduction

      Expected Results

      • Controller pod logs don't shoot up on enabling keycloak

      Actual Results

      • Login via keycloak is successful but controller log shoot up

      Problem Analysis

      • <Completed by engineering team as part of the triage/refinement process>

      Root Cause

      • <What is the root cause of the problem? Or, why is it not a bug?>

      Workaround (If Possible)

      • <Are there any workarounds we can provide to the customers?>

      Fix Approaches

      • <If we decide to fix this bug, how will we do it?>

      Acceptance Criteria

      • ...

      Definition of Done

      • Code Complete:
        • All code has been written, reviewed, and approved.
      • Tested:
        • Unit tests have been written and passed.
        • Ensure code coverage is not reduced with the changes.
        • Integration tests have been automated.
        • System tests have been conducted, and all critical bugs have been fixed.
        • Tested and merged on OpenShift either upstream or downstream on a local build.
      • Documentation:
        • User documentation or release notes have been written (if applicable).
      • Build:
        • Code has been successfully built and integrated into the main repository / project.
        • Midstream changes (if applicable) are done, reviewed, approved and merged.
      • Review:
        • Code has been peer-reviewed and meets coding standards.
        • All acceptance criteria defined in the user story have been met.
        • Tested by reviewer on OpenShift.
      • Deployment:
        • The feature has been deployed on OpenShift cluster for testing.

        1. openshift-gitops-operator-controller-manager-689cd7cd47-6jhpj-manager.log
          1.70 MB
          Varsha B

              nmirasch@redhat.com Neus Miras Chueca
              rhn-support-vab Varsha B
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: