opensearch-project / opensearch-devops

:smile: We welcome all the community members to help develop third party tools/automations/workflows for OpenSearch/OpenSearch-Dashboards.
https://opensearch.org/
Apache License 2.0

[Enhancement][Nightly Playground] Enable OIDC for nightly playground #153

Open gaiksaya opened 2 months ago

gaiksaya commented 2 months ago

Is your feature request related to a problem? Please describe.

As of now, nightly playground has limited users based on local database (admin, kibanaserver, readonly, etc.). With this setup, it is difficult to manage the permissions and privileges and audit the cluster for malicious activity. We want to be able to authenticate users and accordingly allow users to have advanced permissions to test out the cluster.

Describe the solution you'd like

Enable OpenID Connect for nightly playground. The best way would be GitHub, but since GitHub is not an identity provider, there might be other workarounds.

Option 1: Use a third-party IdP like Keycloak, Dex, etc. to connect to GitHub.

Option 2: Use another method of authentication such as a Google account (example: https://github.com/opensearch-project/dashboards-anywhere/issues/52), Microsoft, etc.

Describe alternatives you've considered

Keep using local users.

Additional context

Try to implement a generic solution that can onboard any other project under opensearch-project with similar requirements.

cc: @prudhvigodithi @bbarani

gaiksaya commented 2 months ago

Dex has very limited documentation, starting with where to get started. On the other hand, Keycloak seems to have better documentation, and easy integration with GH is available too. Quick read: https://medium.com/keycloak/github-as-identity-provider-in-keyclaok-dca95a9d80ca