Maurice Faber comments

Results 293 comments of


                                            Maurice Faber

kiali sends basic auth headers when `grafana.auth.type: bearer` is set

I use the configuration exactly as you show here, but maybe something else is conflicting?

Error fetching OpenID provider metadata "failed to create http client to fetch OpenId Metadata: supplied OpenId CA file cannot be parsed"

We are also experiencing this issue. Even though we use the same mechanism successfully for our cluster workloads, we keep hitting the parser error. We tried 2 ways: - root...

OIDC token not automatically refreshed

Ok, I see. But that is breaking the chain of validity: kiali might think the user is valid, but the IdP might think differently. It is preferred to expire the...

OIDC token not automatically refreshed

so it would be least effort for a core maintainer. Is Kiali not funded or backed by VC?

OIDC token not automatically refreshed

But I would assume openshift auth is OIDC based. Isn't it? Then it would have token refresh as well, no? Why not backport it here?

OIDC token not automatically refreshed

Got it! Thanks for the detailed feedback...much appreciated.

Support groups in static users configuration (static passwords)

Would these claims then make it into the JWT? Then please add roles as well :)

Propagate groups from upstream OIDC provider

Any updates here? Concourse forked dex and managed to pull in groups. I am with @jacksontj on this one: offer documentation and recommendations (if using groups set short ttl). Any...

Failed to list namespaces error when not using cluster-wide mode

bumping this as the current operator with create enabled does not install the CR. Setting `rbac.clusterRole: true` does not help as there is no mention of `namespace` in the RBAC...

Failed to list namespaces error when not using cluster-wide mode

Adding this little snippet to the role will fix it: ```yaml - apiGroups: - '' resources: - namespaces verbs: - list - watch ```