UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects

Redis

Merged runyontr requested to merge redis into main

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • runyontr changed the description

    changed the description

  • runyontr added 1 commit

    added 1 commit

    Compare with previous version

  • runyontr assigned to @branden.cobb and @LynnStill

    assigned to @branden.cobb and @LynnStill

  • We need to have a discussion about how redis will be implemented
    https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/263
    Redis should be a BigBang addon that other addons can reference as a dependency. A similar strategy as minio.
    Hacking upstream charts to add a redis subchart does not seem like a good strategy. Most charts already support pointing to an external redis. Let BigBang handle the integration.

    Edited by kevin.wilder
  • Based on the conversations I withdraw my previous comment. ArgoCD upstream helm chart does not support pointing to an external Redis service.

  • running into a redis error with sso enabled:

    failed to verify app state LzNRtHrfcs: NOAUTH Authentication required.

    Logging in as admin works fine, but trying to use sso throws the above error.

    using these test values:

    global:
      imagePullSecrets:
      - name: private-registry-mil
    
    controller:
      imagePullSecrets: [name: private-registry-mil]
    
    dex:
      imagePullSecrets: [name: private-registry-mil]
    
    redis:
      imagePullSecrets: [name: private-registry-mil]
    
    istio:
      enabled: true
    
    redis-ha:
      enabled: true
    
    server:
      config:
        url: https://argocd.bigbang.dev
    
    sso:
      enabled: true
      rbac:
        policy.csv: |
          g, Impact Level 2 Authorized, role:admin
      keycloakClientSecret: this-can-be-anything-for-dev
      config:
        oidc.config: |
          name: Keycloak
          issuer: https://login.dso.mil/auth/realms/baby-yoda
          clientID: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-argocd
          clientSecret: $oidc.keycloak.clientSecret
          requestedScopes: ["openid","ArgoCD"]

    Possibly an issue with passing a password into redis? I don't see a value to pass through to the redis chart in argo's values to enable or disable authentication or to set the password value. Am I missing something?

    Edited by Branden Cobb
  • Branden Cobb added 1 commit

    added 1 commit

    • 95834cb9 - add redis usePassword in argo chart

    Compare with previous version

  • Branden Cobb
  • runyontr
  • i am not aware of any app package that tests SSO in the CI pipeline. SSO is defaulted to false.

  • Branden Cobb added 1 commit

    added 1 commit

    • 324d4668 - removed extra values from test-values.yml

    Compare with previous version

  • Branden Cobb resolved all threads

    resolved all threads

  • Branden Cobb marked this merge request as ready

    marked this merge request as ready

  • Branden Cobb approved this merge request

    approved this merge request

  • Branden Cobb mentioned in commit 9cc12580

    mentioned in commit 9cc12580

  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Please register or sign in to reply
    Loading