Open mustafaStakater opened 8 months ago
The issue was a wrong secret name being used, but provider shouldnt partially create an empty oidc configuration and then endup in unhealthy state.
Also happen with
Even worse, if i apply several AuthBackends in parallel (in my case, 55), the 1st reconciled AuthBackend can successfully be created in Vault, but all other AuthBackends are failing with path is already in use at oidc
.
Work around: applying the AuthBackends CRs one by one and waiting in between.
What happened?
Creating AuthBackend fails initially with the
both 'oidc_client_id' and 'oidc_client_secret' must be set for OIDC
and then error changes to* path is already in use at oidc/
. In vault,oidc
path is present with empty configuration.How can we reproduce it?
vault operator init
. Save the unseal keys and root token.vault login
and create a token for crossplane.Create a provider config and secret with token to vault
Create authbackend resource
What environment did it happen in?