Replace keycloak-gatekeeper with oauth2-proxy

Question

Replace keycloak-gatekeeper with oauth2-proxy

fungiboletus opened this issue 3 years ago · 6 comments

Hi,

Keycloak-gatekeeper is discontinued and oauth2-proxy should be used instead. The docker image hasn't been updated since a few years.

I would like to update the helm chart to use oauth2-proxy instead. Probably using the official project helm chart. There is also the bitnami helm chart that could be considered. Do you have a strong preference?

The deployment would look a bit different too, with another deployment and service for the oauth2-proxy instead of a side container in the octant pod. It's more complex but we can point the oauth2-proxy helm chart as a dependency when sso is enabled.

aleveille commented 2 years ago

Done :)

Answer 1 · 2022-04-25T21:24:16.000Z

Just as an update, this is still on my todo to work on your PRs & issues. It's been a busy few weeks on my end!

Answer 2 · 2022-04-26T06:35:23.000Z

No problem. I went ahead on my fork, and I think it works.

You can check the differences and the example in the readme there : https://github.com/SINTEF/octant-dashboard-turnkey

Answer 3 · 2022-05-03T22:34:12.000Z

@fungiboletus I was going to pull your changes into my repository, but I realized there's little values for us both to maintain nearly identical repository. If you are OK with this, I would deprecate my repository and redirect people to yours, making yours the primary repo for this chart from now on.

Let me know what you think.

Answer 4 · 2022-05-04T07:46:05.000Z

I wouldn't mind maintaining the repository instead of you if you don't want it anymore.

Another possibility is to add me to your repository as admin, where you could keep the ownership while having me pushing a few commits once in a while.

Answer 5 · 2022-08-26T05:44:57.000Z

Great! I was waiting for an update of octant before working on your repository again. Unfortunately it looks like octant is on standby for now.