Hello
I'm having trouble setting up oidc in GKE, ...
# all-things-deploymentp
proud-lamp-13920
07/19/2022, 6:54 AMHello
I'm having trouble setting up oidc in GKE, so I'm asking for help.
As stated in the documentation, I want to set the following in gke, but I don't know how.
https://datahubproject.io/docs/how/auth/sso/configure-oidc-react-google#4-configure-datahub-frontend-to-enable-oidc-authentication
Copy code
AUTH_OIDC_ENABLED=true
AUTH_OIDC_CLIENT_ID=your-client-id
AUTH_OIDC_CLIENT_SECRET=your-client-secret
AUTH_OIDC_DISCOVERY_URI=<https://accounts.google.com/.well-known/openid-configuration>
AUTH_OIDC_BASE_URL=your-datahub-url
AUTH_OIDC_SCOPE="openid profile email"
AUTH_OIDC_USER_NAME_CLAIM=email
AUTH_OIDC_USER_NAME_CLAIM_REGEX=([^@]+)b
bumpy-needle-3184
07/19/2022, 11:55 AMHi Julian ,if you are using helm to deploy datahub in kubernetes , you can check below value.yaml
https://github.com/acryldata/datahub-helm/blob/master/charts/datahub/values.yaml
bumpy-needle-3184
07/19/2022, 12:00 PMadd entries for OIDC config under `datahub-frontend`: (line 9) . It would like below after update
Copy code
datahub-frontend:
enabled: true
image:
repository: linkedin/datahub-frontend-react
tag: "v0.8.41"
# Set up ingress to expose react front-end
ingress:
enabled: false
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "true"
- name: AUTH_OIDC_CLIENT_ID
value: <our-id>
- name: AUTH_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc-secret # we have a K8s secret for this!
key: oidc-secret
- name: AUTH_OIDC_DISCOVERY_URI
value: <our-discovery-uri>
- name: AUTH_OIDC_BASE_URL
value: <our-base-uri-where-datahub-lives>
- name: AUTH_OIDC_SCOPE
value: "openid email profile"
- name: AUTH_OIDC_USER_NAME_CLAIM
value: emailp
proud-lamp-13920
07/20/2022, 1:52 AM@bumpy-needle-3184
Thank you for you help
I'will try it!!!
Thank you!!!! Thank you!!!
teamwork 1
6 Views