search

goharbor / harbor-operator

Kubernetes operator for Harbor service components
Apache License 2.0
348 stars 107 forks source link

Unable to apply Day2 configs to configure OIDC #769

Open divyanshuch1 opened 3 years ago

divyanshuch1 commented 3 years ago

I am unable to apply day2 configs to apply the OIDC configuration to running harbor cluster. Changing Auth mode and OIDC setting through UI of portal working fine but facing challenge in doing the same with kind=harborconfiguration

I took reference from swagger

I am applying the following manifest

apiVersion: v1
kind: Secret
metadata:
  name: secret-sample
  namespace: cluster-sample-ns
type: Opaque
stringData:
  # the key is same with fields name.
  oidc_client_secret: 76e6fa8d-4835

apiVersion: goharbor.io/v1beta1
kind: HarborConfiguration
metadata:
  name: test-config
  namespace: cluster-sample-ns
spec:
  # your harbor configuration
  configuration:
    auth_mode: oidc
    oidc_client_secret: secret-sample
    oidc_name: "keycloak"
    oidc_endpoint: "https://keycloak-keycloak.apps.op.divyanshutech.com/auth/realms/harbor"
    oidc_client_id: "harbor"
    oidc_client_secret: secret-sample
    oidc_groups_claim: "harbor"
    oidc_admin_group:
    oidc_scope: "openid,offline_access"
    oidc_verify_cert: false
    oidc_auto_onboard: false
  harborClusterRef: harborcluster-sample

Screenshot from 2021-09-10 21-44-01

bitsf commented 3 years ago

can you check harbor-core log if there're any error? and how many users have you created before apply this configure?