Dan Meruelo

no ideas, just desire, and it should be at the top of the node view in nsqadmin `/nodes/172.19.32.135:4151`

the go port solved this by ensuring a `text/plain` is always returned rather then a `text/html` https://github.com/mccutchen/go-httpbin/pull/68

also, if a group is added to `default_allowed_groups` in the config.yml of the sso_proxy service which is outside the organization the sso_proxy is part of then sso_auth throws this error:...

from discussion: jphines: that's probably a bug in our recent logic ( https://github.com/buzzfeed/sso/commit/2bf94bb14302573226fb40071cb487845e2320c9 ) we're asking what memberships you have as opposed to listing the membership values we validate group...

this does sound like a great idea, was not aware of that RFC. we have to be a bit careful of how to implement this and maybe do it in...

@weeco was just firing up a cluster to try to troubleshoot. think there is anything we could add to https://github.com/buzzfeed/sso/blob/master/docs/quickstart.md or https://medium.com/@while1eq1/single-sign-on-for-internal-apps-in-kubernetes-using-google-oauth-sso-2386a34bc433 to make this more straightforward. we set http...

for https support use just leave off `COOKIE_SECURE` which defaults to `true`, you will need valid certs!, default values set here: https://github.com/buzzfeed/sso/blob/3a64e696452e2fea5d571e63ad5a53e45694ecd1/internal/auth/options.go#L76 https://github.com/buzzfeed/sso/blob/1662f7cc129421a9d2ac8aff577823bbd3703ec8/internal/proxy/options.go#L71 or explicitly set ``` - name: COOKIE_SECURE...

i think there is case for better logging for sure

since buildx needs some setup, i do this on my end for multi-arch's: ensure i cleared out the buildx builder in case it got interrupted before ``` docker buildx rm...

being implemented in https://github.com/buzzfeed/sso/pull/319