Comments (6)
I tried reverting this commit from May this year c2d7de5 since I thought that seemed to fit timewise and touched some very much related lines of code, then I rebuilt my own image after also patching the Dockerfile.rhel to use public images rather than Redhat private ones:
diff --git images/Dockerfile.rhel images/Dockerfile.rhel
index 77f64be0..748d54d0 100644
--- images/Dockerfile.rhel
+++ images/Dockerfile.rhel
@@ -1,10 +1,12 @@
-FROM registry.ci.openshift.org/ocp/builder:rhel-8-golang-1.19-openshift-4.14 AS builder
+FROM registry.ci.openshift.org/openshift/release:golang-1.19 AS builder
+#FROM registry.ci.openshift.org/ocp/builder:rhel-8-golang-1.19-openshift-4.14 AS builder
WORKDIR /go/src/github.com/openshift/oauth-server
COPY . .
ENV GO_PACKAGE github.com/openshift/oauth-server
RUN make build --warn-undefined-variables
-FROM registry.ci.openshift.org/ocp/4.14:base
+FROM registry.ci.openshift.org/origin/4.12:base
+#FROM registry.ci.openshift.org/ocp/4.14:base
COPY --from=builder /go/src/github.com/openshift/oauth-server/oauth-server /usr/bin/
ENTRYPOINT ["/usr/bin/oauth-server"]
LABEL io.k8s.display-name="OpenShift OAuth Server" \
Finally I tagged and pushed that image into my Openshift CRC's registry and referenced that image in the Deployment for oauth-server. Again I had to resort to a bit of hackery to be able to test in time before the authentication-operator reset things back to the original state by scaling down the authentication operator to 0 replicas, then edit oauth-server deployment, then quickly test.
But I was able to login successfully in ArgoCD when that oauth-server image was deployed and the request logged in the oauth-server log looks the same like the one mentioned before that caused an error.
I1013 15:28:19.821365 1 httplog.go:132] "HTTP" verb="GET" URI="/oauth/authorize?client_id=system%3Aserviceaccount%3Aargocd%3Aargocd-argocd-dex-server&redirect_uri=https%3A%2F%2Fargocd-server-argocd.apps-crc.testing%2Fapi%2Fdex%2Fcallback&response_type=code&scope=user%3Ainfo&state=iquexr4kxxdalcxt4kkd2c3tq" latency="37.712037ms" userAgent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.103 Safari/537.36" audit-ID="ad01e5c2-8d4c-492a-a1ba-cf91bd551622" srcIP="10.217.0.1:60668" resp=302
I1013 15:28:19.846193 1 httplog.go:132] "HTTP" verb="GET" URI="/login?then=%2Foauth%2Fauthorize%3Fclient_id%3Dsystem%253Aserviceaccount%253Aargocd%253Aargocd-argocd-dex-server%26redirect_uri%3Dhttps%253A%252F%252Fargocd-server-argocd.apps-crc.testing%252Fapi%252Fdex%252Fcallback%26response_type%3Dcode%26scope%3Duser%253Ainfo%26state%3Diquexr4kxxdalcxt4kkd2c3tq" latency="2.27283ms" userAgent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.103 Safari/537.36" audit-ID="de4ff334-635a-4e11-8156-ff4887287b37" srcIP="10.217.0.1:60668" resp=200
So something definitely changed behavior either directly because of that commit or commits in the https://github.com/openshift/osin library since that was updated in that commit.
from oauth-server.
I'm not sure how but some auto-update of the Openshift authentication operator and oauth-openshift seems to have made this problem disappear for me. I haven't found anything specific in the commit logs I have looked at that would explain this but now I do not get the aforementioned errors.
If someone happens to know what the underlying problem and fix was here it would be good to know about it.
from oauth-server.
Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen
.
If this issue is safe to close now please do so with /close
.
/lifecycle stale
from oauth-server.
Stale issues rot after 30d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen
.
If this issue is safe to close now please do so with /close
.
/lifecycle rotten
/remove-lifecycle stale
from oauth-server.
Rotten issues close after 30d of inactivity.
Reopen the issue by commenting /reopen
.
Mark the issue as fresh by commenting /remove-lifecycle rotten
.
Exclude this issue from closing again by commenting /lifecycle frozen
.
/close
from oauth-server.
@openshift-bot: Closing this issue.
In response to this:
Rotten issues close after 30d of inactivity.
Reopen the issue by commenting
/reopen
.
Mark the issue as fresh by commenting/remove-lifecycle rotten
.
Exclude this issue from closing again by commenting/lifecycle frozen
./close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
from oauth-server.
Related Issues (12)
- Does not support Password Grant Flow HOT 12
- Group Sync Fails to Authenticate with presense of `:` in Group Name HOT 6
- Project missing LICENSE file HOT 4
- Dockerfile in wrong location HOT 2
- OauthServers for sharding routers HOT 4
- Future Release Branches Frozen For Merging | branch:release-4.5 branch:release-4.4
- LICENSE information HOT 2
- Future Release Branches Frozen For Merging | branch:release-4.6
- Cannot integrate with Windows ADFS HOT 15
- Future Release Branches Frozen For Merging | branch:release-4.17 branch:release-4.18 HOT 2
- Gitlab OAuth Group Policy HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth-server.