Marc Boorshtein

> Using tags is a bad security practice digests are important because without a signature it's the only way for kubernetes to guarantee that the image being used is trusted....

No one should have to look over their shoulder when attending KubeCon. The fact that the law is crafted to deputize untrained citizens to report on others means that we're...

I didn't put this in there because these steps are custom created for each deployment. For instance if your `OU_HOST` was for k8s.myhost.dev the first line would be `- --oidc-issuer-url=https://k8s.myhost.dev/auth/idp/k8sIdp`...

We need to update the videos. When we moved to an operator based model the location of the certificate changed. In the readme (https://github.com/OpenUnison/openunison-k8s-login-activedirectory#complete-sso-integration-with-kubernetes) it says where to get the...

is `openunison.tremolo.lan` pointing to your ingress load balancer?

Yes. OpenUnison can be configured to support applications that support SAML2 and OpenID Connect. Additionally, OpenUnison has a built in reverse proxy that can be used to integrate SSO with...

ahh, i forgot about that. i'll update our upgrade docs. We had to rename many of the configurations because k8s requires names to be lower case. For GitLab, here's an...

Yes. You would need to create a new idp configuration. I'll write up a tutorial. I'm assuming oidc? Also, do your groups have a naming standard you'd like to limit...

Haven't forgotten about this. Realized I needed to add a feature to make this work the way I wanted in k8s. Cutting the new release tomorrow and publishing the doc/video...

update all your charts and make sure you're running the latest containers - https://openunison.github.io/documentation/custom-sso/