Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: SSO Login Service configuration is misaligned and prevents saving #6312

Open
2 tasks done
woopla opened this issue Jan 17, 2025 · 14 comments
Open
2 tasks done

Bug: SSO Login Service configuration is misaligned and prevents saving #6312

woopla opened this issue Jan 17, 2025 · 14 comments
Assignees
@prakarsh-dt @vikramdevtron
Labels
bug Something isn't working needs-triage Issue is not approved or ready-to-work on

Comments

@woopla
Copy link

woopla commented Jan 17, 2025

📜 Description

I just installed v1.0.0 using the Helm chart, and I cannot configure LDAP access. It seems to be because the YAML fields are misaligned:

Image

In all the examples I could see on your site, all the editable part is indented to be part of config.

👟 Reproduction steps

  1. Go to Global Configurations -> Authorization -> Login Services
  2. Edit the LDAP config
  3. Click on "Save" (even using the default config)

👍 Expected behavior

Clicking on 'save' should save the config and allow me to login to Devtron using LDAP.

👎 Actual Behavior

I'm getting a "Some required fields are missing" error. I also tried to properly align with the fixed part above of the editable part, but it always snaps back to where it was.

☸ Kubernetes version

KFD-based cluster running Kubernetes v.1.29.3

Cloud provider

On-prem KFD installation.

🌍 Browser

Edge

🧱 Your Environment

I tried with

  • MS Edge 131.0.2903.112
  • Google Chrome 131.0.6778.265
  • Mozilla Firefox

✅ Proposed Solution

You should either make sure that the editable fields are properly aligned, or make the whole section editable so this doesn't happen. I could have worked around the issue if I could align things myself...

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?
@woopla woopla added bug Something isn't working needs-triage Issue is not approved or ready-to-work on labels Jan 17, 2025
@pawan-mehta-dt
Copy link
Contributor

@woopla can you confirm whether the final rended yaml after you save is correct for dex.config key in devtron-secret in devtroncd namespace?

@woopla
Copy link
Author

woopla commented Jan 21, 2025

@pawan-mehta-dt it's empty:

> k get -n devtroncd secret/devtron-secret -o jsonpath='{.data}' | jq '."dex.config"'
""

(I checked k get -n devtroncd secret/devtron-secret -o yaml to be sure, other things like ADMIN_PASSWORD are there as expected).

It's refusing to save the config because of this "missing" field.

@woopla
Copy link
Author

woopla commented Jan 27, 2025

@pawan-mehta-dt can you please share an example of a proper dex.config string, so I can try and set it manually in the secret?

@woopla
Copy link
Author

woopla commented Feb 3, 2025

@pawan-mehta-dt any example for me here?

@woopla
Copy link
Author

woopla commented Feb 4, 2025

I went ahead a created a YAML file, then shoved it into dex.config as a base64-encoded string. Nothing happens, I do not see anything in the UI. Either that field gets ignored, or errors preventing it from loading are ignored.

@pawan-mehta-dt
Copy link
Contributor 

  dex.config: |
    connectors:
    - config:
        bindDN: uid=admin,ou=people,dc=devtron,dc=local
        bindPW: ••••••••
        groupSearch:
          baseDN: ou=groups,dc=devtron,dc=local
          filter: (objectClass=groupOfUniqueNames)
          nameAttr: cn
          userMatchers:
            - groupAttr: member
              userAttr: DN
        host: lldap-service.devtron-demo:3890
        insecureNoSSL: true
        insecureSkipVerify: true
        userSearch:
          baseDN: ou=people,dc=devtron,dc=local
          emailAttr: mail
          idAttr: uid
          nameAttr: displayName
          preferredUsernameAttr: uid
          username: uid
        usernamePrompt: ••••••••
      id: ldap
      name: LDAP
      type: ldap

This is an example of Working dex config @woopla
We can also schedule a call and debug the issue if you are stuck with it, fill a form with your work email and we'll schedule a call on the same to debug the issue.
https://oss-support.devtron.ai

@woopla
Copy link
Author

woopla commented Feb 6, 2025

I changed the secret to match that, and restarted all the pods in the devtroncd namespace, but no luck - it's still showing the default config, not this one. What do I need to do to get the updated secret to be used by devtron?

@pawan-mehta-dt
Copy link
Contributor

@woopla Let me know if you have filled out the form, I'll schedule a call for the same with you. Please share the date and time when you filled the form

@woopla
Copy link
Author

woopla commented Feb 12, 2025

Sorry for the late reply @pawan-mehta-dt . I did fill the form with my work email on Feb 5.

@woopla
Copy link
Author

woopla commented Feb 19, 2025

Were you able to find my form @pawan-mehta-dt ?

@pawan-mehta-dt
Copy link
Contributor

Yes, @woopla Can you share any preferred time slot and your time zone to schedule a call?

@woopla
Copy link
Author

woopla commented Feb 20, 2025

Time zone is US Pacific, and time slot would be 8-10 am. I know it's not the most convenient for you...

@pawan-mehta-dt
Copy link
Contributor

@woopla does 10 AM PST Feb 25 work for you?

@woopla
Copy link
Author

woopla commented Feb 24, 2025

I can do 30 minutes @pawan-mehta-dt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@prakarsh-dt prakarsh-dt

@vikramdevtron vikramdevtron

Labels
bug Something isn't working needs-triage Issue is not approved or ready-to-work on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@woopla @prakarsh-dt @vikramdevtron @pawan-mehta-dt