SSO netpol blocks redirect to keycloak on BB 1.26.0
SSO with netpols enabled works on EKS, but not on AKS. On AKS, it just spins. When working, the oidc connect redirects to keycloak. Changing the allowed egress port to 8443 worked. Is it possible to make this configurable with a values override?
EDIT: The reason it works on EKS is because we have the kube-api egress rule set to allow any port on the 10.0.0.0/8 range. If we didn't have that, then EKS would fail too. What it boils down to is the SSO netpol in gitlab needs to either be set to 8443 which is what keycloak is configured to listen on or make it configurable.
Edited by John Stacy