Open andreaTP opened 2 years ago
I think we can remove auth. Problem is that we break others like kas installer. Adding additional flag to skip it sounds like hack. @rkpattnaik780 do you have some ideas
I think we should go with additional flag to skip it as removing it can break stuffs.
I think we can remove auth. Problem is that we break others like kas installer. Adding additional flag to skip it sounds like hack. @rkpattnaik780 do you have some ideas
Hi @andreaTP
I am getting a client not found
error while trying to login with the CLI, in the browser.
@rkpattnaik780 sorry for the confusion, please use the version from the branch enable-cli-on-k8s
, https://github.com/andreaTP/srs-fleet-manager/tree/enable-cli-on-k8s/dist/k8s-dev
Description
Version:
0.48.0
rohas login
command already works against new versions of Keycloak, but the token refresh fails because it injects/auth
into the URL path (which is no anymore mandatory since Quarkus distribution).For example, after running a login like:
We receive the error:
Steps to reproduce
rhoas login --api-gateway http://localhost:8081 --auth-url http://localhost:8083/realms/demo-apicurio --client-id apicurio-cli
Expected vs actual behaviour
The CLI should respect the URL without injecting
/auth
.Workaround
Is currently possible to workaround this issue by setting the retro-compatibility option:
KC_HTTP_RELATIVE_PATH: /auth
https://github.com/andreaTP/srs-fleet-manager/blob/b2fe84f373c33ff32f5ecf7b4f42b31fcc48b3fc/dist/k8s-dev/keycloak.yaml#L47-L48