我设置了 Dex Github 连接器并可以成功登录。
这是来自 Dex 服务器日志。
msg="login successful: connector \"github\"
这是来自 argocd 服务器日志。
│ time="2023-03-07T14:09:52Z" level=info msg="Initializing OIDC provider (issuer: https://argocd.dev.xxx.com/api/dex)" │
│ time="2023-03-07T14:09:52Z" level=info msg="received unary call /session.SessionService/GetUserInfo" grpc.method=GetUserInfo grpc.request.content= grpc.service=session.SessionSer │
│ vice grpc.start_time="2023-03-07T14:09:52Z" span.kind=server system=grpc │
│ time="2023-03-07T14:09:52Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=GetUserInfo grpc.service=session.SessionService grpc.start_time="2023-03-07 │
│ T14:09:52Z" grpc.time_ms=8.645 span.kind=server system=grpc
但是,登录后屏幕闪烁,我回到登录页面。
这是我的 RBAC 设置。
configs:
cm:
accounts.xxx-admin: apiKey, login
accounts.xxx-developer: apiKey, login
url: "https://argocd.dev.xxx.com"
dex.config: |
connectors:
- type: github
id: github
name: GitHub
config:
clientID: $dex.github.clientID:dex.github.clientID
clientSecret: $dex.github.clientsecret:dex.github.clientSecret
orgs:
- name: xxxorg
rbac:
create: true
policy.default: role:none
policy.csv: |
p, role:none, *, *, */*, deny
p, role:xxxadmin, applications, *, */*, allow
p, role:xxxadmin, clusters, get, *, allow
p, role:xxxadmin, repositories, get, *, allow
p, role:xxxadmin, repositories, create, *, allow
p, role:xxxadmin, repositories, update, *, allow
p, role:xxxadmin, repositories, delete, *, allow
g, xxx-admin, role:admin
g, xxx-developer, role:readonly
g, xxxorg:devops, role:admin
g, xxxorg:engineering, role:admin
g, xxxorg:app, role:readonly
g, xxxorg:automation, role:readonly
g, xxxorg:automation-qa, role:readonly
g, xxxorg:de, role:readonly
尝试重新启动 argocd-server pod
就我而言,从浏览器中删除cookie就可以了。