devtron-labs
Bug: SSO Login Service configuration is misaligned and prevents saving
📜 Description
I just installed v1.0.0 using the Helm chart, and I cannot configure LDAP access. It seems to be because the YAML fields are misaligned:
In all the examples I could see on your site, all the editable part is indented to be part of config.
👟 Reproduction steps
- Go to Global Configurations -> Authorization -> Login Services
- Edit the LDAP config
- Click on "Save" (even using the default config)
👍 Expected behavior
Clicking on 'save' should save the config and allow me to login to Devtron using LDAP.
👎 Actual Behavior
I'm getting a "Some required fields are missing" error. I also tried to properly align with the fixed part above of the editable part, but it always snaps back to where it was.
☸ Kubernetes version
KFD-based cluster running Kubernetes v.1.29.3
Cloud provider
🌍 Browser
Edge
🧱 Your Environment
I tried with
- MS Edge 131.0.2903.112
- Google Chrome 131.0.6778.265
- Mozilla Firefox
✅ Proposed Solution
You should either make sure that the editable fields are properly aligned, or make the whole section editable so this doesn't happen. I could have worked around the issue if I could align things myself...
👀 Have you spent some time to check if this issue has been raised before?
- [x] I checked and didn't find any similar issue
🏢 Have you read the Code of Conduct?
- [x] I have read the Code of Conduct
@woopla can you confirm whether the final rended yaml after you save is correct for dex.config key in devtron-secret in devtroncd namespace?
@pawan-mehta-dt it's empty:
> k get -n devtroncd secret/devtron-secret -o jsonpath='{.data}' | jq '."dex.config"'
""
(I checked k get -n devtroncd secret/devtron-secret -o yaml to be sure, other things like ADMIN_PASSWORD are there as expected).
It's refusing to save the config because of this "missing" field.
@pawan-mehta-dt can you please share an example of a proper dex.config string, so I can try and set it manually in the secret?
I went ahead a created a YAML file, then shoved it into dex.config as a base64-encoded string. Nothing happens, I do not see anything in the UI. Either that field gets ignored, or errors preventing it from loading are ignored.
dex.config: |
connectors:
- config:
bindDN: uid=admin,ou=people,dc=devtron,dc=local
bindPW: ••••••••
groupSearch:
baseDN: ou=groups,dc=devtron,dc=local
filter: (objectClass=groupOfUniqueNames)
nameAttr: cn
userMatchers:
- groupAttr: member
userAttr: DN
host: lldap-service.devtron-demo:3890
insecureNoSSL: true
insecureSkipVerify: true
userSearch:
baseDN: ou=people,dc=devtron,dc=local
emailAttr: mail
idAttr: uid
nameAttr: displayName
preferredUsernameAttr: uid
username: uid
usernamePrompt: ••••••••
id: ldap
name: LDAP
type: ldap
This is an example of Working dex config @woopla We can also schedule a call and debug the issue if you are stuck with it, fill a form with your work email and we'll schedule a call on the same to debug the issue. https://oss-support.devtron.ai
I changed the secret to match that, and restarted all the pods in the devtroncd namespace, but no luck - it's still showing the default config, not this one. What do I need to do to get the updated secret to be used by devtron?
@woopla Let me know if you have filled out the form, I'll schedule a call for the same with you. Please share the date and time when you filled the form
Sorry for the late reply @pawan-mehta-dt . I did fill the form with my work email on Feb 5.
Yes, @woopla Can you share any preferred time slot and your time zone to schedule a call?
Time zone is US Pacific, and time slot would be 8-10 am. I know it's not the most convenient for you...
Hi @sam-fraiday, you must be a member of the organization 'devtron-labs' to add or remove labels.
Fix for this for whoever is seeing this in the future. Click the green text under the orchestrator url section and save it again for it to work.
Hi @sam-fraiday, you must be a member of the organization 'devtron-labs' to add or remove labels.