Closed afoninsky closed 5 years ago
Do you have the cert-manager installed? The gRPC certs are issued by cert-manager.
We are using a forked version of dex because of a missing gRPC API, which it was recently merged into upstream dex, but I never tried.
You can try with this version of dex chart https://github.com/jenkins-x/dex/tree/master/charts/dex which has integration with cert-manager.
@afoninsky Do you need more help? Can I close this issue?
I'm getting error when try to install
sso-operator
. Pod fails with error"failed to crate dex client: failed to load the CA cert from '/etc/dex/tls/tls.crt'"
.Looks like there is a hard requirement about number of public certificates: https://github.com/jenkins-x/sso-operator/blob/5da43d3f701385be7d545ec0f654166683dea62b/pkg/dex/client.go#L39
Is it correct, or I do something wrong?
Steps to reproduce: 1) Have latest
dex
installed from the charts:2) Install latest
sso-operator
:sso-operator.yml:
Default secret name is
dex-grpc-client-cert
, but I've change it as stable/dex chart installs secret with namedex-grpc-client-tls
Full sso-operator chart output for debug purposes: https://gist.github.com/afoninsky/8d881f994acff562d6db9484a79c96b7 Failed certificate: https://gist.github.com/afoninsky/51aa6eb1b070dcdd585f69523d9b2a64