Problem to solve
Working to get OIDC configured on a new GitLab deployment. I’ve read the instructions and so far have created a secret with a key ‘provider’ which has my OIDC YAML configuration. I’ve specified this provider in the Helm chart. Yet, when I access the GUI there is no Keycloak login option.
Configuration
Via the Helm chart:
```yaml
appConfig:
  omniauth:
    enabled: true
    autoSignInWithProvider: openid_connect
    # syncProfileFromProvider: []
    # syncProfileAttributes: [email]
    allowSingleSignOn: [oauth2_generic]
    blockAutoCreatedUsers: false
    # autoLinkLdapUser: false
    # autoLinkSamlUser: false
    # autoLinkUser: []
    # externalProviders: []
    # allowBypassTwoFactor: []
    providers:
      - secret: gitlab-keycloak
```
OIDC config, which is stored in the secret:
```yaml
name: 'openid_connect' # do not change this parameter
label: 'Keycloak'
icon: 'https://imgs.search.brave.com/rxsziFGXRM-sUemIQjrKfk0JS7CxwIaV0Tpm5yAqu_0/rs:fit:860:0:0/g:ce/aHR0cHM6Ly91cGxv/YWQud2lraW1lZGlh/Lm9yZy93aWtpcGVk/aWEvY29tbW9ucy90/aHVtYi8yLzI5L0tl/eWNsb2FrX0xvZ28u/cG5nLzIyMHB4LUtl/eWNsb2FrX0xvZ28u/cG5n'
args:
  name: 'openid_connect'
  scope:
    - openid
    - profile
    - email
  response_type: 'code'
  issuer: 'https://keycloak.home.net/realms/home'
  discovery: true
  client_auth_method: 'jwt_bearer'
  uid_field: 'preferred_username'
  send_scope_to_token_endpoint: false
  pkce: false
  client_options:
    identifier: 'gitlab'
    secret: '<redacted>'
    redirect_uri: 'https://gitlab.home.net/users/auth/openid_connect/callback'
```
Versions
```yaml
dependencies:
  - name: gitlab
    version: 7.9.2
    repository: https://charts.gitlab.io
```