contrib-helm-chart icon indicating copy to clipboard operation
contrib-helm-chart copied to clipboard

Published 20 hours ago verified publisher icon getredash

Support setting `REDASH_SAML_SSO_URL` environment variable via values for redash v10 SAML SSO

Open ism-k opened this issue 3 years ago • 2 comments

Hello,

Thank you for releasing v3.0.0. When updating to Redash v10, there was a non-trivial configuration item required to enable SAML. So I will introduce a workaround and propose a solution for that.

Background

I discovered that in order to enable SAML in Redash v10, the environment variable REDASH_SAML_SSO_URL must have some value. This variable was not present in Redash v8.

This change can be seen in the following pull-request to redash: https://github.com/getredash/redash/pull/5175

- SAML_LOGIN_ENABLED = SAML_METADATA_URL != ""

+ SAML_LOGIN_ENABLED = SAML_SSO_URL != "" and SAML_METADATA_URL != ""

This code does not have the REDASH_ prefix, but it is only removed at the point of moving from the environment variable to the internal logic, meaning the same thing.

Suggestion

I currently enable SAML by defining REDASH_SAML_SSO_URL directly in the env field in values.yaml.gotmpl, which I do not think is a good design. Therefore, I suggest that an appropriate field be provided. And if it is not a problem, I would like to take this opportunity to add other SAML-related configuration fields as well.

I will try to create a PR on my end, but since I am new to development, it may take some time. I am posting this as an Issue as soon as possible, as it would be quicker if someone could make the change right away.

ism-k avatar Apr 20 '22 16:04 ism-k

@ism-k Thanks for noticing this! We use https://github.com/getredash/website/blob/master/src/pages/kb/open-source/admin-guide/env-vars-settings.md has the source of our config, so I think the first step would be getting that page updated - if you can help with that part, I can handle the script & PR to update our config from there!

grugnog avatar Apr 21 '22 16:04 grugnog

It'd be appreciated if you could also update the Redash helm chart to accept the related REDASH_SAML env that you updated in https://github.com/getredash/redash/pull/5784

acefei avatar Feb 15 '23 03:02 acefei

@acefei no need to have a separate option, you can pass it using

server:
   env:
      REDASH_SAML_SSO_URL: https://example.com

AndrewChubatiuk avatar Mar 27 '24 12:03 AndrewChubatiuk