silly-refrigerator-21057
02/20/2023, 4:00 PMauth:
enabled: true
oidc:
baseUrl: "<azureAD oidc application>"
clientId: "<oidc id>"
clientSecret: <base64 encoded oicd secret>
internal:
clientSecret: <base64 encoded secret>
clientSecretHash: "<bcrypt hash of above>"
I guess that may not be terribly informative? Point being, I'm quite confident that the oidc.baseUrl
and oidc.clientID
are correct. However, when I install the chart, the gen-admin-auth-secret
container errors out with:
* error decoding 'appAuth.selfAuthServer.staticClients[flytepropeller].client_secret': illegal base64 data at input byte 0
Couple of questions:
• Which client secret is this?
• I've tried base64 encoding locally with python and here
• Is it possible to store these values in a k8s secret?
• Is this really all the auth setup needed? I'm migrating from a pre-binary setup to the binary and there's a lot of complexity in the former chart which is not present in the latter
Any pointers would be much appreciated ☺️freezing-airport-6809
freezing-airport-6809
freezing-airport-6809
thankful-minister-83577
$ python -c 'import bcrypt; import base64; print(base64.b64encode(bcrypt.hashpw("some-secret".encode("utf-8"), bcrypt.gensalt(6))))'
b'JDJiJDA2JHIud1JYLi9WSWJxQnZOMWZ1MWJqNHV5bGVuUERNbTNwcGZza1ZBMEJaZG05bkFOMEhJWDJT'
thankful-minister-83577
thankful-minister-83577
thankful-minister-83577
thankful-minister-83577
silly-refrigerator-21057
02/20/2023, 5:07 PM.encode("utf-8")
in my python. And thank you for the explanation, which makes it much clearer what's going on!
Kudos to all the flyte team for being so fantastically responsive and helpful - hugely appreciate your support 🙂average-finland-92144
02/20/2023, 8:02 PM