In PR https://github.com/camunda/camunda-platform-helm/pull/1509 , the ingress pathType was made configurable instead of hardcoded values. Each component was given default values under global.ingress.pathType and <component>.ingress.pathType.
However, identityKeycloak was not given a default value for this pathType, and therefore, uses the default of the upstream keycloak pathType.
The user is using AWS ALB as an ingress controller.
jessesimpson36
commented
3 weeks ago
Describe the issue:
In PR https://github.com/camunda/camunda-platform-helm/pull/1509 , the ingress
pathTypewas made configurable instead of hardcoded values. Each component was given default values underglobal.ingress.pathTypeand<component>.ingress.pathType.However, identityKeycloak was not given a default value for this pathType, and therefore, uses the default of the upstream keycloak pathType.
The user is using AWS ALB as an ingress controller.
https://github.com/bitnami/charts/blob/edcbba396fa1d90b80f8ad2a185669747454379f/bitnami/keycloak/values.yaml#L602
Which is
ImplementationSpecific. User reports getting a 404 on any keycloak url, and can only fix it by changing their pathType to be prefix.The proposal is to make Prefix the default value.
SUPPORT-22182
Actual behavior:
404 on keycloak.
Expected behavior:
Keycloak web interface is accessible under the /auth/ subpath when accessing via ingress.
How to reproduce:
Logs:
Environment:
Please note: Without the following info, it's hard to resolve the issue and probably it will be closed.