terraform-redhat / terraform-provider-rhcs

Terraform provider for Red Hat Cloud Services
Apache License 2.0

Configuration of Identity Provider #378

Closed addof closed 11 months ago

addof commented 1 year ago

I am currently working on configuring an openid Idp for a ROSA cluster but I encountered the below error on apply:

    │ Error: Value Conversion Error
    │
    │   with module.aad_authentication["sbx"].rhcs_identity_provider.openid_idp,
    │   on modules/aad_authentication/main.tf line 2, in resource "rhcs_identity_provider" "openid_idp":
    │    2: resource "rhcs_identity_provider" "openid_idp" {
    │
    │ An unexpected error was encountered trying to convert tftypes.Value into
    │ map[string]string. This is always an error in the provider. Please report
    │ the following to the provider developer:
    │
    │ cannot reflect tftypes.List[tftypes.String] into a map, must be a map
    ╵
    Releasing state lock. This may take a few moments...

[error]Error: The process '/opt/hostedtoolcache/terraform/1.2.9/x64/terraform' failed with exit code 1

It would be appreciated if you can have a look at this issue.

bardielle commented 1 year ago

Thank you for reporting that bug. I will try to fix it in that PR and release a fixed version.

nirarg commented 1 year ago

@addof thank you for reporting this. @bardielle thank you for the fix. @addof can you please validate this change locally, before releasing a new release? We have had very limited verification for the OpenID IdP; I think we would need to get more knowledge about this. @tshefi FYI ^

addof commented 1 year ago

@nirarg Unfortunately I am not able to test the change locally since I am using a pipeline. The most suitable way for me to test is to use a released version.

tshefi commented 1 year ago

@addof Would you happen to have, and be willing to share, your terraform.tfvars or the parameters used in the pipeline? I wish to see which fields and value formats you used. It goes without saying, don't forget to randomize/substitute fake values. Thanks

addof commented 1 year ago

The values being passed to the module are from data calls to parameter store and all the values are Strings.

    module "aad_authentication" {
      source        = "./modules/aad_authentication"
      for_each      = var.rosa_clusters
      token         = data.aws_ssm_parameter.redhat_token.value
      cluster_id    = module.cluster_creation[each.key].cluster_id
      client_id     = data.aws_ssm_parameter.SpnClientId.value
      client_secret = data.aws_ssm_parameter.SecretKey.value
      tenant_id     = data.aws_ssm_parameter.SpnTenantId.value
    }

hhh0505 commented 1 year ago

@tshefi Is there any plan for this to be added to the latest release? We are currently blocked by this issue.

tshefi commented 1 year ago

Happy to report that, using @bardielle's branch, I was able to successfully configure an OpenIDC IDP via TF and confirm OCP login with a user created on RH SSO, acting as the OpenIDC endpoint.

Attaching TF config files for reference, I'll tweak my own related PR for openidc example as it needs a few fixes.

As for the expected release date, maybe @nirarg can comment.

variables.tf.txt terraform.tfvars.txt main.tf.txt

bardielle commented 1 year ago

@hhh0505 @addof I just published a new release, v1.4.1. Can you validate it please?

hhh0505 commented 1 year ago

@bardielle Fix has been validated and we successfully deployed the OpenID IDP.

One little minor issue in the documentation we noticed was that extra_authorize_parameters should actually be a map of string, whereas in the documentation it's expecting a list of string.

extra_authorize_parameters (List of String)

bardielle commented 1 year ago

Great news. We will work on that doc issue. Thank you for updating us.

bardielle commented 1 year ago

@hhh0505 @addof The v1.4.2 would be released on Dec 06

bardielle commented 11 months ago

Version v1.4.2 was released today. @hhh0505 @addof Please update/close the issue.