client_cert error during OIDC authentication
goku007xx opened this issue · 1 comments
I have modified kustomization.yaml to include the OIDC manifest and modified the manifest accordingly. When I run `kubectl apply -k .`, the files are created. The error is coming from the `gatekeeper-policy-manager` pod, which gets into a state of `CrashLoopBackOff`. I see the logs for that pod using the `kubectl logs gatekeeper-policy-manager-**********-***** -n gatekeeper-system` command, which gives the below.
[Screenshot 2023-06-16 at 5 17 11 PM]
Error: The problem seems to come from the `ProviderConfiguration` class, which is searching for the `client_cert` attribute, and it is `None` at the moment. Not exactly sure if the problem is because of the OIDC provider issue or if it is something else. Any help would be appreciated.

The `ProviderConfiguration` snippet from `app.py` is given below for reference:
```python
import os

from flask_pyoidc.provider_configuration import (
    ClientMetadata,
    ProviderConfiguration,
    ProviderMetadata,
)

# Provider endpoints are read from the GPM_OIDC_* environment variables.
provider_metadata = ProviderMetadata(
    issuer=os.environ.get("GPM_OIDC_ISSUER"),
    authorization_endpoint=os.environ.get("GPM_OIDC_AUTHORIZATION_ENDPOINT"),
    jwks_uri=os.environ.get("GPM_OIDC_JWKS_URI"),
    token_endpoint=os.environ.get("GPM_OIDC_TOKEN_ENDPOINT"),
    token_introspection_endpoint=os.environ.get("GPM_OIDC_INTROSPECTION_ENDPOINT"),
    userinfo_endpoint=os.environ.get("GPM_OIDC_USERINFO_ENDPOINT"),
    end_session_endpoint=os.environ.get("GPM_OIDC_END_SESSION_ENDPOINT"),
)
# Client credentials also come from the environment.
provider_config = ProviderConfiguration(
    issuer=os.environ.get("GPM_OIDC_ISSUER"),
    provider_metadata=provider_metadata,
    session_refresh_interval_seconds=10,
    client_metadata=ClientMetadata(
        client_id=os.environ.get("GPM_OIDC_CLIENT_ID"),
        client_secret=os.environ.get("GPM_OIDC_CLIENT_SECRET"),
    ),
)
```