New Helm Chart available
sspreitzer opened this issue · 9 comments
Hi
I just create a new Helm Chart based on tremolosecurity/kube-oidc-proxy, as this project and Helm Chart seem to have come to a halt.
@sspreitzer thank you very much as this one is looking deprecated.
@sspreitzer @mlbiam Hi! Could you highlight what are the differences between https://github.com/TremoloSecurity/kube-oidc-proxy/tree/master/deploy/charts/kube-oidc-proxy and https://github.com/sspreitzer/helm-kube-oidc-proxy
I would be glad to have one place to develop helm chart, report issues and make PR. For instance, I found that the current certificate generation is not ideal as https://github.com/headlamp-k8s/headlamp complains that
2024/04/09 10:46:57 http: proxy error: tls: failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead
2024/04/09 10:47:01 http: proxy error: tls: failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead
2024/04/09 10:47:02 http: proxy error: tls: failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead
2024/04/09 10:47:07 http: proxy error: tls: failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead
So I switched to generation with cert-manager
- it's simple and convenient and can be tuned to different usecases. Otherwise it could be nice to give an user option to provide it's own certificates and secret name containing them. It's just the most obvious enhancement that we can elaborate on.
@gecube In Open Source there can always be multiple projects and forks with the same name at different places. The way I decide which one to follow is by latest contribution and number of contributions or contributors.
I have no affiliation or insight to the helm charts at TremoloSecurity or headlamp. However I can help you with the helm chart at https://github.com/sspreitzer/helm-kube-oidc-proxy.
@sspreitzer thanks for the swift reply! I know how opensource works but it creates the fragmentation and multiple teams implement the same things. I could post you a comprehensive description of issue to https://github.com/sspreitzer/helm-kube-oidc-proxy but unfortunately only PRs are enabled.
I noticed this as well. I am currently teaching scuba diving in the tropics and it seems that some automatic GitLab update has failed. I am working on that now.
The link should work now. Please open an issue in that GitLab, Thank you.
@gecube Seems as if my hosting has some issue I should resolve when coming back from Thailand. I have enabled issues and discussions on the GitHub mirror. Feel free to drop an issue. Please excuse the inconveniences.