Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add dex_oidc_config library #208

Merged
merged 7 commits into from
Jul 22, 2024
Merged

feat: add dex_oidc_config library #208

merged 7 commits into from
Jul 22, 2024

Conversation

DnPlas
Copy link
Contributor

@DnPlas DnPlas commented Jul 11, 2024
edited
Loading

Add a library to handle the dex-oidc-config relation interface. This library allows dex-auth to share its OIDC configuration with OIDC clients such as the oidc-gatekeeper charm. The library is designed to be extended to share any information about Dex, but right now it is only sharing Dex's issuer url.

Closes #203

Testing instructions

  1. Deploy the charm from this PR
  2. Deploy the charm from feat: integrate with dex-oidc-config interface and remove public-url oidc-gatekeeper-operator#163
  3. Wait for them to become active and idle
  4. Add the relation between them (interface dex-oidc-config)
  5. Verify that the requirer is actually getting data from dex-auth juju show-unit oidc-gatekeeper. There should be the dex-issuer-url value.

@DnPlas
feat: add dex_oidc_config library
c554457 
Add a library to handle the dex-oidc-config relation interface. This library
allows dex-auth to share its OIDC configuration with OIDC clients such as the
oidc-gatekeeper charm. The library is designed to be extended to share any
information about Dex, but right now it is only sharing Dex's issuer url.

Closes #203
@DnPlas DnPlas requested a review from a team as a code owner July 11, 2024 17:18
@DnPlas DnPlas mentioned this pull request Jul 11, 2024
Merged
rgildein
rgildein reviewed Jul 12, 2024
View reviewed changes
lib/charms/dex_auth/v0/dex_oidc_config.py Outdated Show resolved Hide resolved
lib/charms/dex_auth/v0/dex_oidc_config.py Show resolved Hide resolved
lib/charms/dex_auth/v0/dex_oidc_config.py Outdated Show resolved Hide resolved
lib/charms/dex_auth/v0/dex_oidc_config.py Show resolved Hide resolved
lib/charms/dex_auth/v0/dex_oidc_config.py Show resolved Hide resolved
lib/charms/dex_auth/v0/dex_oidc_config.py Show resolved Hide resolved
@rgildein
Copy link
Contributor

I manualy tested the functionality and it's working as expected.

How I tested it:

# for dex-auth-operator
$ git checkout KF-5966-create-issuer-interface
$ git merge KF-5967-remove-public-url-config
$ charmcraft pack
$ juju refresh dex-auth --path ./dex-auth_ubuntu-20.04-amd64.charm --force-units
$ juju deploy ./dex-auth_ubuntu-20.04-amd64.charm --resource oci-image=charmedkubeflow/dex:2.39.1-a91817e

# oidc-gatekeeper-operator
$ git checkout KF-5968-integrate-with-dex-oidc-config
# I commented line 73, so `# self._check_public_url()`, to avoid charm being in block state
$ charmcraft pack
$ juju deploy ./oidc-gatekeeper_ubuntu-20.04-amd64.charm --resource oci-image=charmedkubeflow/oidc-authservice:ckf-1.8-58e8217
# oidc-gatekeeper is in blocked state
$ juju status oidc-gatekeeper                                                           
...
oidc-gatekeeper/0*  blocked   idle   10.1.23.248         Missing relation with a Dex OIDC config provider. Please add the missing relation.  

#  add relation
$ juju integrate oidc-gatekeeper:oidc-provider-info dex-auth:dex-oidc-config
$ juju show-unit oidc-gatekeeper/0 --endpoint oidc-provider-info --app 
oidc-gatekeeper/0:
  opened-ports: []
  charm: local:focal/oidc-gatekeeper-0
  leader: true
  life: alive
  relation-info:
  - relation-id: 1
    endpoint: oidc-provider-info
    related-endpoint: dex-oidc-config
    application-data:
      issuer-url: http://dex-auth.kf-5966.svc:5556/dex
  provider-id: oidc-gatekeeper-0
  address: 10.1.23.248

rgildein
rgildein approved these changes Jul 22, 2024
View reviewed changes
Copy link
Contributor

@rgildein rgildein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@DnPlas DnPlas merged commit 67b9d5c into KF-5536-issuer-url-dev-branch Jul 22, 2024
7 checks passed
@DnPlas DnPlas deleted the KF-5966-create-issuer-interface branch July 22, 2024 13:07
This was referenced Jul 22, 2024
Closed
Merged
DnPlas added a commit that referenced this pull request Jul 24, 2024
@DnPlas
feat: add dex_oidc_config library (#208)
7fd5b15 
* feat: add dex_oidc_config library

Add a library to handle the dex-oidc-config relation interface. This library
allows dex-auth to share its OIDC configuration with OIDC clients such as the
oidc-gatekeeper charm. The library is designed to be extended to share any
information about Dex, but right now it is only sharing Dex's issuer url.

Closes #203
DnPlas added a commit that referenced this pull request Jul 25, 2024
@DnPlas
feat: merge KF-5526-issuer-url-dev-branch into main
8912ccb 
This branch introduces changes to support the dex-oidc-config interface and the deprecation of public-url in favour of issuer-url. For more information, please refer to the following:

* refactor: add dex-issuer-url and remove public-url config options (#209)
* feat: add dex_oidc_config library (#208)
* chore: keep public-url config option for compatibility #213
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rgildein rgildein rgildein approved these changes

Assignees
No one assigned
Labels
Libraries: Out of sync
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DnPlas @rgildein