Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Make "caCertSecretName" optional in external authService config

See original GitHub issue

When using an address space configuration with an external authentication service with a host for which there is a proper (not self-signed) certificate, it would be good to have the “caCertSecretName” configuration be optional. Meaning that in this case JRE / OS provided CA certs should be used for validation.

Currently, when omitting the “caCertSecretName” property, there is an exception about this property being required. With an empty property value, there is an internal exception later on:

2018-09-04 07:34:31 INFO  ControllerChain:109 - Check address spaces: [play:bosch, play:pg-hub-4463]
2018-09-04 07:34:31 WARN  ResourceChecker:53 - Exception in checker task
java.lang.IllegalArgumentException: Name must be provided.
	at io.fabric8.kubernetes.client.dsl.base.BaseOperation.withName(BaseOperation.java:255)
	at io.fabric8.kubernetes.client.dsl.base.BaseOperation.withName(BaseOperation.java:70)
	at io.enmasse.controller.common.KubernetesHelper.getSecret(KubernetesHelper.java:220)
	at io.enmasse.controller.TemplateInfraResourceFactory.lambda$createResourceList$1(TemplateInfraResourceFactory.java:51)
	at java.util.Optional.ifPresent(Optional.java:159)
	at io.enmasse.controller.TemplateInfraResourceFactory.createResourceList(TemplateInfraResourceFactory.java:51)
	at io.enmasse.controller.StatusController.isReady(StatusController.java:38)
	at io.enmasse.controller.StatusController.handle(StatusController.java:26)
	at io.enmasse.controller.ControllerChain.onUpdate(ControllerChain.java:120)
	at io.enmasse.k8s.api.ResourceChecker.doWork(ResourceChecker.java:48)
	at io.enmasse.k8s.api.ResourceChecker.run(ResourceChecker.java:40)
	at java.lang.Thread.run(Thread.java:748)

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Reactions:1
  • Comments:5 (5 by maintainers)

github_iconTop GitHub Comments

1reaction
calohmncommented, Oct 1, 2018

@lulf test was successful, it works 👍

0reactions
lulfcommented, Sep 26, 2018
Read more comments on GitHub >

github_iconTop Results From Across the Web

Adding CORS configuration while using EXT Auth service ...
I'm running 2 Kubernetes clusters with ambassador edge stack. One cluster does not use any Auth Service so setting CORS configuration by ...
Read more >
AuthService settings | Ambassador
This will tell Emissary-ingress to allow all requests for that Mapping through without interacting with the external auth service. This could be helpful,...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Keycloak runs into OOM when starting

Next page

UserAPI: Fix error messages in response from userapi