Open stepanselyuk opened 9 months ago
In the Kubernetic ingress I used these annotations:
annotations:
nginx.ingress.kubernetes.io/auth-signin: 'https://$host/oauth2/start?rd=$escaped_request_uri'
nginx.ingress.kubernetes.io/auth-url: 'https://$host/oauth2/auth'
nginx.ingress.kubernetes.io/auth-response-headers: "x-auth-request-user, x-auth-request-groups, x-auth-request-email"
I confirmed with tcpdump and wireshark that Kubernetic receives these headers (populated):
x-auth-request-user: 11146279033.....\r\n
x-auth-request-email: stepan@[REDACTED]\r\n
x-auth-request-access-token: [REDACTED]\r\n
The user with the specified email I also added in Kubernetic. And also added the user mentioned in the x-auth-request-user header. Nothing works.
Hello,
how to use oauth2-proxy in front of Kubernetic? In general it's working as usually, but I cannot make "users" work, so all users just going to use admin local default account.
I added a few specific arguments to oauth2-proxy, so it should pass headers to kubernetic, like
X-Auth-Request-User
,X-Auth-Request-Groups
,X-Auth-Request-Email
andX-Auth-Request-Preferred-Username
https://oauth2-proxy.github.io/oauth2-proxy/configuration/overview/
but I'm unsure if the headers passed to Kubernetic, and if Kubernetic should react on those.