Ed Fincham02/20/2023, 4:00 PM
I guess that may not be terribly informative? Point being, I'm quite confident that the
auth: enabled: true oidc: baseUrl: "<azureAD oidc application>" clientId: "<oidc id>" clientSecret: <base64 encoded oicd secret> internal: clientSecret: <base64 encoded secret> clientSecretHash: "<bcrypt hash of above>"
are correct. However, when I install the chart, the
container errors out with:
Couple of questions: • Which client secret is this? • I've tried base64 encoding locally with python and here • Is it possible to store these values in a k8s secret? • Is this really all the auth setup needed? I'm migrating from a pre-binary setup to the binary and there's a lot of complexity in the former chart which is not present in the latter Any pointers would be much appreciated ☺️
* error decoding 'appAuth.selfAuthServer.staticClients[flytepropeller].client_secret': illegal base64 data at input byte 0
Ketan (kumare3)02/20/2023, 4:17 PM
Yee02/20/2023, 4:26 PM
$ python -c 'import bcrypt; import base64; print(base64.b64encode(bcrypt.hashpw("some-secret".encode("utf-8"), bcrypt.gensalt(6))))' b'JDJiJDA2JHIud1JYLi9WSWJxQnZOMWZ1MWJqNHV5bGVuUERNbTNwcGZza1ZBMEJaZG05bkFOMEhJWDJT'
Ed Fincham02/20/2023, 5:07 PM
in my python. And thank you for the explanation, which makes it much clearer what's going on! Kudos to all the flyte team for being so fantastically responsive and helpful - hugely appreciate your support 🙂
David Espejo (he/him)02/20/2023, 8:02 PM