Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make OIDC Discovery URL configurable #8121

Closed
Cali0707 opened this issue Jul 31, 2024 · 3 comments · Fixed by #8145
Closed

Make OIDC Discovery URL configurable #8121

Cali0707 opened this issue Jul 31, 2024 · 3 comments · Fixed by #8145
Assignees
@Cali0707
Labels
area/api kind/feature-request

Comments

@Cali0707
Copy link
Member

Problem
The OIDC discovery URL for kubernetes https://kubernetes.default.svc/.well-known/openid-configuration does not work in every distribution, for example in EKS (see aws/containers-roadmap#2234). For now, we should work around this by allowing users to set this discovery url themselves in the config-features configmap.

This can be a field in the configmap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: config-features
  namespace: knative-eventing
data:
  oidc-discovery-url: https://kubernetes.default.svc/.well-known/openid-configuration # or something else, this is just the default

Persona:
Which persona is this feature for?

Any user wanting OIDC in EKS

Exit Criteria
A measurable (binary) test that would indicate that the problem has been resolved.

Time Estimate (optional):
How many developer-days do you think this may take to resolve? 1-2

Additional context (optional)
Add any other context about the feature request here.

This should fix the root cause of knative-extensions/eventing-kafka-broker#3901
@Cali0707 Cali0707 self-assigned this Jul 31, 2024
@Cali0707 Cali0707 mentioned this issue Jul 31, 2024
Open
@pierDipi
Copy link
Member

pierDipi commented Aug 8, 2024

@creydr can you take a look at this issue and the related one here knative-extensions/eventing-kafka-broker#3901

It makes sense to me but I'll leave that to you

@creydr
Copy link
Member

creydr commented Aug 8, 2024

This issue makes definitely sense to me, especially as it seems users have issues on EKS...

@Cali0707
Copy link
Member Author

Cali0707 commented Aug 9, 2024

/assign

@Cali0707 Cali0707 mentioned this issue Aug 9, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Cali0707 Cali0707

Labels
area/api kind/feature-request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: make oidc discovery url configurable Cali0707/eventing
3 participants
@creydr @pierDipi @Cali0707