Which component(s) is affected?
Kubero UI
Describe the bug
I configured Kubero according to the latest documentation with kubero.auth.oauth2.enabled set to true and all the relevant values filled out;
....
spec:
kubero:
readonly: false
webhook_url: https://....
auth:
oauth2:
enabled: true
....
First thing is that the container refused to run unless I also set OAUTH2_CLIENT_SECRET in the secret. Which is weird, because in the documentation it says to (also?) set this in the oauth2 config. Both are now set.
This does nothing. The UI just shows up without ANY authentication at all. I can open the URL and it just goes into the UI and I can perform all operations.
Next I set KUBERO_USERS to an empty list (W10= which is base64 for []).
Now the UI shows a login form, but only for username and password.
There is no indication in the documentation on how to log in with oauth2 or how to enforce it.
Steps to reproduce
- Deploy kubero as per documentation
- Edit the deployment config to set up oauth2
- Restart the pod or re-do the deployment
- Open the UI - no login of any kind is enforced
Expected behavior
I expect the login screen to show up and offer me an option to log in with oauth2.
If local users are enabled (even as empty list), I expect some option to go for oauth2.
Screenshots
Additional information
No response
Debug information
No response
Which component(s) is affected?
Kubero UI
Describe the bug
I configured Kubero according to the latest documentation with
kubero.auth.oauth2.enabledset totrueand all the relevant values filled out;First thing is that the container refused to run unless I also set
OAUTH2_CLIENT_SECRETin the secret. Which is weird, because in the documentation it says to (also?) set this in the oauth2 config. Both are now set.This does nothing. The UI just shows up without ANY authentication at all. I can open the URL and it just goes into the UI and I can perform all operations.
Next I set
KUBERO_USERSto an empty list (W10=which is base64 for[]).Now the UI shows a login form, but only for username and password.
There is no indication in the documentation on how to log in with oauth2 or how to enforce it.
Steps to reproduce
Expected behavior
I expect the login screen to show up and offer me an option to log in with oauth2.
If local users are enabled (even as empty list), I expect some option to go for oauth2.
Screenshots
Additional information
No response
Debug information
No response