fharper
commented
5 months ago This could be a good fix while we fix https://github.com/kubefirst/kubefirst/issues/1536
Open mrsimonemms opened 5 months ago
fharper
commented
5 months ago This could be a good fix while we fix https://github.com/kubefirst/kubefirst/issues/1536
Which version of kubefirst are you using?
2.4.10
Which cloud provider?
k3d (local)
Which DNS?
None specific
Which installation type?
CLI
Which distributed Git provider?
None specific
Did you use a fork of
gitops-template?No
Which Operating System?
Linux
What is the issue?
On K3s, the Argo login offers "login via Vault" as an option. This resolves to vault.kubefirst.dev, which points to
127.0.0.1. The OIDC.well-knownURL cannot resolve this because the127.0.0.1want is the host machine, not the container (returning the errorFailed to query provider "https://vault.kubefirst.dev/v1/identity/oidc/provider/kubefirst": Get "https://vault.kubefirst.dev/v1/identity/oidc/provider/kubefirst/.well-known/openid-configuration": dial tcp 127.0.0.1:443: connect: connection refused).Whilst this isn't a major problem as the user is able to login with a username and password, it is definitely a rough edge. Suggestions for this are:
login via Vaultbutton/etc/hostsfile on the container so thatvault.kubefirst.devpoints to the correct pod IPCode of Conduct