Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable OIDC extension in Provisioner #3466

Closed
1 task
tobiscr opened this issue Sep 3, 2024 · 2 comments
Closed
1 task

Enable OIDC extension in Provisioner #3466

tobiscr opened this issue Sep 3, 2024 · 2 comments
Labels
area/control-plane Related to all activities around Kyma Control Plane kind/feature Categorizes issue or PR as related to a new feature.

Comments

@tobiscr
Copy link
Contributor

tobiscr commented Sep 3, 2024
edited
Loading

Description

The Gardener OIDC extension is important for several important customers of Kyma. Caused by some delays in the rollout of KIM, we decided to enable this extension already in the Provisioner to unblock our customers in their goals.

Related line is:

extensions:
   - type: shoot-oidc-service  #this line enables OIDC extension

We will enable this OIDC extension in all new created Gardener clusters. Shoot-Specs of existing clusters will NOT be updated!

AC:

  • Enable GArdener's OIDC extension per default in all shoot-specs of new created clusters

Appendix:
@tobiscr tobiscr added kind/feature Categorizes issue or PR as related to a new feature. area/control-plane Related to all activities around Kyma Control Plane labels Sep 3, 2024
@koala7659 koala7659 mentioned this issue Sep 3, 2024
Merged
@tobiscr tobiscr closed this as completed Sep 4, 2024
@abbi-gaurav
Copy link
Member

Hi @tobiscr , is there some documentation added / planned in help.sap.com to let SKR users know how they can use it?

@tobiscr
Copy link
Contributor Author

tobiscr commented Oct 4, 2024
edited
Loading

This is actually not the official feature we want to deliver. We enabled the OIDC extension in Provisioner only because we had customers who were blocked in their go-live.

The official feature is kyma-project/kyma#18305. But we need first to migrate KIM on Production and also KEB has to make additional OIDC-providers configurable via BTP cockpit.

The documentation will happen when we deliver the official feature as part of the delivery process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/control-plane Related to all activities around Kyma Control Plane kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@abbi-gaurav @tobiscr