Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oAuth-proxy enhancements for Azure AKS deployment #21450

Closed
karatkep opened this issue Jun 8, 2022 · 8 comments
Closed

oAuth-proxy enhancements for Azure AKS deployment #21450

karatkep opened this issue Jun 8, 2022 · 8 comments
Labels
area/ci CI build and releases, PR testing, & whitelabel/productization issues kind/enhancement A feature request - must adhere to the feature request template. new&noteworthy For new and/or noteworthy issues that deserve a blog post, new docs, or emphasis in release notes severity/P1 Has a major impact to usage or development of the system.
Milestone
7.50

Comments

@karatkep
Copy link

karatkep commented Jun 8, 2022
edited by nickboldt
Loading

Is your enhancement related to a problem? Please describe

There are several enhancements of ouath-proxy configuration (aka oauth-proxy.cfg) for kubernetes:

  • To set pass_access_token to true (default value is false) to pass access token to upstream via "X-Forwarded-Access-Token"
  • To set cookie_refresh to 1h0m0s to refresh the cookie when duration has elapsed after cookie was initially set.
  • To add whitelist_domains to whitelist che domain (ie: .yourcompany.com)
  • To add cookie_domains to set cookie domain to force cookies to (ie: .yourcompany.com)
  • To add OAuthScope to Che Resource to allow users to configure Access Token Scope.

Describe the solution you'd like

Update che-operator to support addition configuration of ouath-proxy for kubernetes

Describe alternatives you've considered

No response

Release Notes Text

Enhancements needed to deploy Che on Azure AKS, contributed by @karatkep. Thank you for your contribution!
@karatkep karatkep added the kind/enhancement A feature request - must adhere to the feature request template. label Jun 8, 2022
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jun 8, 2022
This was referenced Jun 8, 2022
Closed
Merged
@amisevsk amisevsk added severity/P1 Has a major impact to usage or development of the system. area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/install Issues related to installation, including offline/air gap and initial setup and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jun 10, 2022
@l0rd l0rd added new&noteworthy For new and/or noteworthy issues that deserve a blog post, new docs, or emphasis in release notes status/release-notes-review-needed Issues that needs to be reviewed by the doc team for the Release Notes wording labels Jun 23, 2022
@l0rd
Copy link
Contributor

l0rd commented Jun 23, 2022

@karatkep thank you for this issue and the related contribution. Those enhancements were needed to deploy to AKS? And using the instructions in your repo are ment to be used by anyone trying to deploy to AKS?

I am asking because we are considering to:

  1. make this PR as a new and notworkthy addition to include in next release notes
  2. proposing you to contribute a blog post that explains how to deploy Che to AKS

@karatkep
Copy link
Author

karatkep commented Jun 24, 2022 via email

@l0rd l0rd changed the title oauth-proxy configuration enhancements for k8s config oAuth-proxy enhancements for Azure deployment Jun 30, 2022
@l0rd l0rd changed the title oAuth-proxy enhancements for Azure deployment oAuth-proxy enhancements for Azure AKS deployment Jun 30, 2022
@l0rd
Copy link
Contributor

l0rd commented Jul 4, 2022

@karatkep I have added this issue in v7.50 release notes. If you have some instructions on how to deploy Che on Azure AKS please share so that we can make a blog post out of it. You may also submit a PR yourself on our blog github repository if you can, but that's not required.

@karatkep
Copy link
Author

karatkep commented Jul 4, 2022

@l0rd Please review eclipse-che/blog#29

@l0rd
Copy link
Contributor

l0rd commented Jul 4, 2022

Faster than the wind 👍 Will review that later today.

@l0rd
Copy link
Contributor

l0rd commented Jul 4, 2022

@tolusha @sparkoo it would be great if you have time to have a look at the blog post too.

@karatkep karatkep mentioned this issue Jul 5, 2022
Merged
9 tasks
@max-cx
Copy link

max-cx commented Jul 25, 2022

RN: upstream only

@tolusha tolusha removed the area/install Issues related to installation, including offline/air gap and initial setup label Aug 6, 2022
@max-cx max-cx removed the status/release-notes-review-needed Issues that needs to be reviewed by the doc team for the Release Notes wording label Jan 12, 2023
@nickboldt nickboldt modified the milestone: 7.50 Jan 12, 2023
@nickboldt nickboldt added area/ci CI build and releases, PR testing, & whitelabel/productization issues and removed area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator labels Jan 13, 2023
@devstudio-release
Copy link

sync'd to Red Hat JIRA https://issues.redhat.com/browse/CRW-3845

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/ci CI build and releases, PR testing, & whitelabel/productization issues kind/enhancement A feature request - must adhere to the feature request template. new&noteworthy For new and/or noteworthy issues that deserve a blog post, new docs, or emphasis in release notes severity/P1 Has a major impact to usage or development of the system.
Projects
None yet
Milestone
7.50
Development

No branches or pull requests
8 participants
@nickboldt @l0rd @tolusha @amisevsk @devstudio-release @che-bot @karatkep @max-cx