While this will work for most cases, there could be the case where the dex-auth's issuer and oidc-gatekeeper's OIDC_PROVIDER cannot just point to dex's Service (e.g. when having a connector).
What needs to get done
Write a spec file that covers the case for when dex is deployed as a OIDC provider and also when there is an arbitrary connector.
Definition of Done
There is a spec that clearly defines the scenarios and provides options to configure dex/oidc based on each.
Context
There is a proposal in https://github.com/canonical/bundle-kubeflow/issues/608 about how the
public_url
configuration option is not required, as it can be set to dex's service (see https://github.com/canonical/bundle-kubeflow/issues/608#issuecomment-1768177382 for more information).While this will work for most cases, there could be the case where the dex-auth's
issuer
and oidc-gatekeeper'sOIDC_PROVIDER
cannot just point to dex'sService
(e.g. when having a connector).What needs to get done
Write a spec file that covers the case for when dex is deployed as a OIDC provider and also when there is an arbitrary connector.
Definition of Done
There is a spec that clearly defines the scenarios and provides options to configure dex/oidc based on each.