- Seams like the image within the Spire OIDC & Vault and should be replaced with
ghcr.io/spiffe/oidc-discovery-provider:1.5.3
- The
readinessProbe for the spire-oidc should be set to path: /ready
- The
domain in the oidc-dp-configmap.yaml should be configured as a list: domains = ["MY_DISCOVERY_DOMAIN"]
In addition I do not understand why the ingress.yaml file is a part of the tutorial.
- Under requirements, I did not found any request to deploy K8s Ingress Controller
- Even if I deployed some K8s Ingress Controller on my K8s cluster, it's seems that I've to have the
Cert Manager? Or should I provide TLS certs for the ingress manually? The Ingress rules include this directive: secretName: oidc-secret but in fact there is no such a secret with TLS keys.
- Why the tutorial requests ingress rule, while
server-oidc-service.yaml is a LoadBalancer service & the DNS configured to the external IP of that service.
ghcr.io/spiffe/oidc-discovery-provider:1.5.3readinessProbefor thespire-oidcshould be set topath: /readydomainin theoidc-dp-configmap.yamlshould be configured as a list:domains = ["MY_DISCOVERY_DOMAIN"]In addition I do not understand why the
ingress.yamlfile is a part of the tutorial.Cert Manager? Or should I provide TLS certs for the ingress manually? The Ingress rules include this directive:secretName: oidc-secretbut in fact there is no such a secret with TLS keys.server-oidc-service.yamlis aLoadBalancerservice & the DNS configured to the external IP of that service.