The scripts that prepare the YAML to deploy dex depend on parameters being set. Ensure the following are set in params.yaml:
# the DNS CN to be used for dex service
management-cluster.dex-fqdn: dex.mgmt.tkg-aws-lab.winterfell.live
# the default auth server url from Okta
okta.auth-server-fqdn: dev-866321145.okta.com
# the client id and secret from the app you created in Okta for Dex
okta.dex-app-client-id: 123adsfsadf3234r
okta.dex-app-client-secret: 123adsfsadf3234r
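A pre-flight check for these four keys, as an added example that is not part of the project's scripts. It assumes flat `key: value` lines as shown above and that the `*-fqdn` values are bare hostnames; the function names `param_value` and `check_params` are hypothetical.

```bash
# Added example: pre-flight check of the params.yaml keys listed above.
# Assumes flat "key: value" lines and that the *-fqdn values are bare hostnames.
REQUIRED_KEYS="management-cluster.dex-fqdn okta.auth-server-fqdn
okta.dex-app-client-id okta.dex-app-client-secret"
# Print the value of a flat key with inline comment and quotes stripped.
param_value() {  # $1 = file, $2 = key
  awk -v k="$2" 'index($0, k ":") == 1 {
    v = substr($0, length(k) + 2)
    sub(/[ \t]+#.*$/, "", v)
    gsub(/^[ \t"]+|[ \t"]+$/, "", v)
    print v; exit
  }' "$1"
}

# Print one line per finding; the return code is the number of findings.
check_params() {  # $1 = file
  file="$1"; findings=0
  for key in $REQUIRED_KEYS; do
    val="$(param_value "$file" "$key")"
    if [ -z "$val" ]; then
      echo "MISSING  $key"; findings=$((findings + 1)); continue
    fi
    case "$key" in *-fqdn)
      case "$val" in *://*|*/*|*:*)   # scheme, path or port present
        echo "BAD-FQDN $key=$val"; findings=$((findings + 1)) ;;
      esac ;;
    esac
  done
  id="$(param_value "$file" okta.dex-app-client-id)"
  secret="$(param_value "$file" okta.dex-app-client-secret)"
  if [ -n "$secret" ] && [ "$id" = "$secret" ]; then
    echo "PLACEHOLDER client secret equals client id"; findings=$((findings + 1))
  fi
  # The file holds an OAuth client secret: no group/other access.
  mode="$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")"
  case "$mode" in *00) ;; *)
    echo "PERMS    $file is mode $mode, expected 600"; findings=$((findings + 1)) ;;
  esac
  return "$findings"
}

# Constructed sample: the placeholder values shown on this page.
sample="$(mktemp)"
printf '%s\n' 'management-cluster.dex-fqdn: dex.mgmt.tkg-aws-lab.winterfell.live' \
  'okta.auth-server-fqdn: dev-866321145.okta.com' \
  'okta.dex-app-client-id: 123adsfsadf3234r' \
  'okta.dex-app-client-secret: 123adsfsadf3234r' > "$sample"
check_params "$sample"; echo "findings: $?"
rm -f "$sample"
```

Run against the sample values above, it reports one finding, because the client id and client secret are the same placeholder string.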
Prepare the YAML manifests for the related dex K8S objects. Manifests will be output into generated/$MANAGEMENT_CLUSTER_NAME/dex/ in case you want to inspect them.
We can currently use the base AWS YAML for any environment.
./scripts/generate-and-apply-dex-yaml.sh
At the end, this script checks that the Dex certificate is valid. That depends on the Let's Encrypt / ACME challenge being resolved, which can take a couple of minutes.
Check that the dex pod is ready:
kubectl get po -n tanzu-system-auth