Gergo Huszty
Gergo Huszty
@israel-hdez you are right, those are still ahead of us, though if we consider them, those will be part of our service, not an extrnal one in the same cloud...
@israel-hdez I think I have an initial plan, would like to hear your thoughts if that should be possible with current kiali or not: 1) Use experimental remote secret for...
@israel-hdez finally found some time to proceed with this... Without being an expert in openid vs oauth, I tried to just hack through as much as I could... So now...
@israel-hdez Thanks for the thoughts! Yeah this ticket is a bit mixing up things, sorry about that. Let me try to summarize our (current 😄 ) aim: * We would...
Hey @israel-hdez I gave another try to get something working finally. So instead of hack the openid strategy to work with Openshift Oauth, I started from the other end, where...
@israel-hdez I continued my experiment with my openshift auth changes to find out the next issues and I am thinking again that the headline of this issue makes sense :)....
> Of course, the target API Server should be prepared to see either a certificate (when Kiali queries as itself) or a token (when Kiali queries on behalf of a...
The one who contributed the current experimental remotesecret feature is my colleague who is a former developer for the product which I am currently dealing with 😄 so his use-case...
> Well... if istiod is running in the mesh cluster, it is no longer the external control plane model and we would be back at single cluster model, no? Exactly....
@aavshr I don't have any. I also considered to start working on it myself, but don't have much free cycles nowadays to proceed. Anyways, I am more than happy to...