search

gogatekeeper / gatekeeper

An OpenID / Proxy service
https://gogatekeeper.github.io/gatekeeper/
Apache License 2.0
253 stars 43 forks source link

Failed to pass resources args - invalid identifier #474

Closed NonneTrapuE closed 2 weeks ago

NonneTrapuE commented 3 weeks ago

Hi !

I encounter a problem with optionals args resources. I can't use "white-listed", i have an error :

[error] invalid resource 'uri=/#/s/*|white-listed=true', invalid identifier, should be roles, uri or methods

My Yaml file : 

apiVersion: apps/v1
kind: Deployment
metadata:
  name: gogatekeeper
  annotations:
    meta.helm.sh/release-namespace: yopass
  namespace: yopass
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: gogatekeeper
  template:
    metadata:
      labels:
        app.kubernetes.io/name: gogatekeeper
    spec:
      containers:
        - name: gogatekeeper
          image: quay.io/gogatekeeper/gatekeeper:2.12.0
          resources:
            limits:
              cpu: 100m
              memory: 100Mi
            requests:
              cpu: 100m
              memory: 100Mi
          args:
            - "--config=/config/gogatekeeper.yaml"
            - "--resources='uri=/#/s/*|white-listed=true'"
          ports:
            - name: http
              containerPort: 3000
          volumeMounts:
          - name: gogatekeeper-yaml
            mountPath: "/config"
            readOnly: True
      dnsPolicy: ClusterFirst
      volumes:
      - name: gogatekeeper-yaml
        configMap:
          name: gogatekeeper-yaml
          items:
            - key: "gogatekeeper.yaml"
              path: "gogatekeeper.yaml"

While in doc, you can use this resources args.

Any idea ?

Thanks !

p53 commented 3 weeks ago

@NonneTrapuE to clarify it works when resources in yaml config but not when supplied through arguments?

NonneTrapuE commented 3 weeks ago

I wanted to debug my yaml config file (gogatekeeper.yaml) with supplied args command line, but i have this error message.

Edit : Have the same error message when i want to define groups in args command line

[error] invalid resource 'uri=/#/s/*|groups=XXX', invalid identifier, should be roles, uri or methods

p53 commented 3 weeks ago

thanks for reporting! will look at it

NonneTrapuE commented 3 weeks ago

Update : with gogatekeeper.yaml config file, args are okay

XXXXXXXXXXX info protecting resource {"resource": "uri: /#/s/*, white-listed"}

p53 commented 3 weeks ago

@NonneTrapuE plese remove those single quotes from resource parameter, example here: https://github.com/gogatekeeper/gatekeeper/blob/2cdd9956b64dd6cae1b7c06e52f71d028d920c16/kube/reverse.yml#L38

NonneTrapuE commented 1 week ago

@NonneTrapuE plese remove those single quotes from resource parameter, example here:

https://github.com/gogatekeeper/gatekeeper/blob/2cdd9956b64dd6cae1b7c06e52f71d028d920c16/kube/reverse.yml#L38

Hi ! Thanks for quick response, i will test !