Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switched from metadata_url to metadata for end user authentication #26042

Open
wants to merge 24 commits into
base: main
Choose a base branch
from
Open

Switched from metadata_url to metadata for end user authentication #26042

wants to merge 24 commits into from
+6 −2

Conversation

allenhouchins
Copy link
Member

Switched from metadata_url to metadata for end user authentication.

fleet-release
fleet-release previously approved these changes Feb 4, 2025
View reviewed changes
fleet-release
fleet-release previously approved these changes Feb 4, 2025
View reviewed changes
@getvictor
Copy link
Member

Hey @getvictor do you know why we're hitting this GitOps error? https://github.com/fleetdm/fleet/actions/runs/13165608227/job/36744901826#step:6:184

Maybe $DOGFOOD_SSO_METADATA has newlines, which messes things up

@allenhouchins
Copy link
Member Author

allenhouchins commented Feb 5, 2025
edited
Loading

@getvictor The odd thing about this is that same exact variable works without issue further down in the yaml.

The error also mentions JSON but the data inside that variable is XML.

fleet-release
fleet-release previously approved these changes Feb 5, 2025
View reviewed changes
@noahtalerman
Copy link
Member

The odd thing about this is that same exact variable works without issue further down in the yaml.

@allenhouchins agreed. I think we should get some engineering help digging in. Can you please file a bug for this?

@allenhouchins allenhouchins mentioned this pull request Feb 6, 2025
Open
@allenhouchins
Copy link
Member Author

allenhouchins commented Feb 6, 2025
edited
Loading

@noahtalerman
Issue: #26135
Also ran into this while testing: #26075

@allenhouchins
Copy link
Member Author

Keeping this pull request open while this bug is being looked at: #26135

sgress454
sgress454 reviewed Feb 11, 2025
View reviewed changes
it-and-security/default.yml Outdated
metadata_url: $DOGFOOD_MDM_SSO_METADATA_URL
issuer_uri: $DOGFOOD_SSO_ISSUER_URI
metadata: |-
$DOGFOOD_SSO_METADATA
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@allenhouchins based on my testing for #26135 I would experiment with moving this two spaces forward or two spaces back, i.e.

      metadata: |-
      $DOGFOOD_SSO_METADATA

or

      metadata: |-
          $DOGFOOD_SSO_METADATA

and see if either of those works.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sgress454 No change in behavior.
Two spaces forward: 2927aa3
Two spaces backward: c1bc859

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 thanks for trying

@sgress454
Copy link
Contributor

@allenhouchins so based on everything I'm seeing, this is gonna require a new secret. The indentation in the current one won't work for mdm. I can provide a new version of the secret to try.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sgress454 sgress454 sgress454 left review comments

@fleet-release fleet-release fleet-release left review comments

@lukeheath lukeheath Awaiting requested review from lukeheath lukeheath is a code owner

@georgekarrv georgekarrv Awaiting requested review from georgekarrv georgekarrv is a code owner

@sharon-fdm sharon-fdm Awaiting requested review from sharon-fdm sharon-fdm is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@allenhouchins @noahtalerman @getvictor @sgress454 @fleet-release