-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deploy auth server with OIDC authN on integration cluster #261
Comments
@ericvaandering regarding sync script for OIDC subject <-> rucio account. I have a script that can do that and it needs:
I was thinking that should be quite easy to integrate this with the CRIC sync script, or maybe make a parallel one (even better). What are your thougths/preferences? |
I guess we we should follow this up with an issue to get this into production? @dciangot want to make that and put it in the project? Then actually close this one? |
So far I have added a separate .sh that contains the oidc-agent configuration (needed to refresh the token used to get user info). I'd avoid to get x509 sync stuck due to OIDC server issues or any bug related to this. Can we evaluate to setup a separate k8s cronjob? |
I'd rather not. We can investigate setting timeouts or just do your part at the end. |
https://stackoverflow.com/questions/55431218/cron-job-with-timeout I should set these in general. |
Ok, np, I'll put all in the same sh then. |
Then we need something like dmwm/rucio-flux@e583d7e for prod as well |
Created #312 for PROD deployment. I'm closing this. |
dmwm/rucio-flux#61
The text was updated successfully, but these errors were encountered: