netbox-chart icon indicating copy to clipboard operation
netbox-chart copied to clipboard
verified publisher icon netbox-community

SOCIAL_AUTH_BACKEND_ATTRS in extraConfig: Pod Crash

Open t0mcat1337 opened this issue 2 months ago • 1 comments

The Helm chart version

netbox-7.1.17

Environment Versions

Kubernetes: 1.33.5
Helm: 3.18.4

Custom chart values

remoteAuth:
  enabled: true
  backends:
    - social_core.backends.keycloak.KeycloakOAuth2
[...]
extraConfig:
  - values:
      SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL: '<keycloakAuthURL>'
      SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL: '<keycloakTokenURL>'  
      SOCIAL_AUTH_KEYCLOAK_SECRET: '<keycloakSecret>'
      SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY: '<keycloakKey>'
      SOCIAL_AUTH_KEYCLOAK_ID_KEY: 'email'
      SOCIAL_AUTH_KEYCLOAK_KEY: 'netbox'

Current Behavior & Steps to Reproduce

With the above values.yaml snippet I managed to let netbox use keycloak as an auth backend, which works fine. Now for a little cosmetics I wanted to customize the "Keycloak" Login Button as described here (https://netboxlabs.com/docs/netbox/administration/authentication/overview/#single-sign-on-sso) in the netbox docs at the very end.

Image

So I figured out the following seems to be the only form of writing "SOCIAL_AUTH_BACKEND_ATTRS" correctly, so that at least the config parser ("configuration.py") accepts it:

extraConfig:
  - values:
      [...]
       SOCIAL_AUTH_BACKEND_ATTRS: '{"keycloak": ("My Custom Name", "login")}'

But after that the container nevertheless crashes with the Exception below.

Expected Behavior

Let use "SOCIAL_AUTH_BACKEND_ATTRS" parameter correctly for customizing the OIDC Login Button when using Keycloak for example.

NetBox Logs

Traceback (most recent call last):
  File "/opt/netbox/netbox/./manage.py", line 10, in <module>
    execute_from_command_line(sys.argv)
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/management/__init__.py", line 442, in execute_from_command_line
    utility.execute()
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/management/__init__.py", line 436, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/management/base.py", line 416, in run_from_argv
    self.execute(*args, **cmd_options)
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/management/base.py", line 457, in execute
    self.check(**check_kwargs)
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/management/base.py", line 492, in check
    all_issues = checks.run_checks(
                 ^^^^^^^^^^^^^^^^^^
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/checks/registry.py", line 89, in run_checks
    new_errors = check(app_configs=app_configs, databases=databases)
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/core/checks/urls.py", line 136, in check_custom_error_handlers
    handler = resolver.resolve_error_handler(status_code)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/urls/resolvers.py", line 732, in resolve_error_handler
    callback = getattr(self.urlconf_module, "handler%s" % view_type, None)
                       ^^^^^^^^^^^^^^^^^^^
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/utils/functional.py", line 47, in __get__
    res = instance.__dict__[self.name] = self.func(instance)
                                         ^^^^^^^^^^^^^^^^^^^
  File "/opt/netbox/venv/lib/python3.12/site-packages/django/urls/resolvers.py", line 711, in urlconf_module
    return import_module(self.urlconf_name)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/importlib/__init__.py", line 90, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<frozen importlib._bootstrap>", line 1387, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1360, in _find_and_load
  File "<frozen importlib._bootstrap>", line 1331, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 935, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 995, in exec_module
  File "<frozen importlib._bootstrap>", line 488, in _call_with_frames_removed
  File "/opt/netbox/netbox/netbox/urls.py", line 7, in <module>
    from account.views import LoginView, LogoutView
  File "/opt/netbox/netbox/account/views.py", line 26, in <module>
    from netbox.authentication import get_auth_backend_display, get_saml_idps
  File "/opt/netbox/netbox/netbox/authentication/__init__.py", line 50, in <module>
    AUTH_BACKEND_ATTRS.update(getattr(settings, 'SOCIAL_AUTH_BACKEND_ATTRS', {}))
ValueError: dictionary update sequence element #0 has length 1; 2 is required

t0mcat1337 avatar Nov 13 '25 16:11 t0mcat1337

Thanks for filing this issue, @t0mcat1337.

extraConfig:
  - values:
      [...]
       SOCIAL_AUTH_BACKEND_ATTRS: '{"keycloak": ("My Custom Name", "login")}'

Such values must be escaped; otherwise, they are interpreted as dictionaries by Helm.

LeoColomb avatar Nov 13 '25 22:11 LeoColomb