Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release-1.31] - The "Standalone"-mode of oidc-login in the wrapped kubectl library fails, with: no Auth Provider found for name "oidc" #11273

Closed
brandond opened this issue Nov 8, 2024 · 1 comment
Closed

[Release-1.31] - The "Standalone"-mode of oidc-login in the wrapped kubectl library fails, with: no Auth Provider found for name "oidc" #11273

brandond opened this issue Nov 8, 2024 · 1 comment
Assignees
@brandond @mdrahman-suse
Milestone
v1.31.3+k3s1

Comments

@brandond
Copy link
Member

brandond commented Nov 8, 2024

Backport fix for The "Standalone"-mode of oidc-login in the wrapped kubectl library fails, with: no Auth Provider found for name "oidc"
@brandond brandond self-assigned this Nov 8, 2024
@brandond brandond mentioned this issue Nov 13, 2024
Merged
@mdrahman-suse mdrahman-suse self-assigned this Nov 14, 2024
@mdrahman-suse mdrahman-suse moved this from New to To Test in K3s Development Nov 14, 2024
@mdrahman-suse mdrahman-suse added this to the v1.31.3+k3s1 milestone Nov 14, 2024
@mdrahman-suse
Copy link

Validated on release-1.31 with commit 53d4dd8

NOTE: No real OIDC provider has been used

Environment, Cluster config

Ubuntu 24.04
Single server

Testing steps:

  • Install k3s
  • Ensure cluster is up
  • Append /etc/rancher/k3s/k3s.yaml (Default kubeconfig location) with below under users:
- name: keycloak
  user:
    auth-provider:
      config:
        client-id: YOUR_CLIENT_ID
        client-secret: YOUR_CLIENT_SECRET
        idp-issuer-url: https://issuer.example.com
      name: oidc
  • Update user under context in /etc/rancher/k3s/k3s.yaml with below:
- context:
    cluster: default
    user: keycloak
...
  • Run kubectl auth whoami
  • Ensure the error below is NOT observed
error: no Auth Provider found for name "oidc"

Replication

$ k3s -v
k3s version v1.31.2+k3s1 (6da20424)
go version go1.22.8

## Update kubeconfig file
$ sudo vi /etc/rancher/k3s/k3s.yaml

## Error is observed
$ kubectl auth whoami
error: no Auth Provider found for name "oidc"

Validation

$ k3s -v
k3s version v1.31.2+k3s-53d4dd85 (53d4dd85)
go version go1.22.8

## Update kubeconfig
$ sudo vi /etc/rancher/k3s/k3s.yaml

## Error is NOT observed, this is expected with dummy auth provider 
$ kubectl auth whoami
Unable to connect to the server: No valid id-token, and cannot refresh without refresh-token

@github-project-automation github-project-automation bot moved this from To Test to Done Issue in K3s Development Nov 21, 2024
This was referenced Dec 2, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brandond brandond

@mdrahman-suse mdrahman-suse

Labels
None yet
Projects
K3s Development
Status: Done Issue
Milestone
v1.31.3+k3s1
Development

No branches or pull requests
2 participants
@brandond @mdrahman-suse