You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the OIDC configuration is provided with reference to a secret value, some times the secret is interpreted correctly, other times it is not, resulting in sending the actual string ($argo-oidc:clientid) to the OIDC provider instead of the value from the secret. When this happens, a delete of the argocd server pod will resolve the issue.
To Reproduce
Deploy argo with the below oidc config map elements. After a random period of time, even after a initial successful OIDC login has been performed, when the OIDC token refresh occurs, it will fail with the below warning messages in the logs.
time="2024-05-15T12:26:15Z" level=warning msg="config referenced '$argo-oidc:clientid', but key does not exist in secret"
time="2024-05-15T12:26:15Z" level=warning msg="config referenced '$argo-oidc:clientsecret', but key does not exist in secret"
The text was updated successfully, but these errors were encountered:
Checklist:
argocd version
.Describe the bug
When the OIDC configuration is provided with reference to a secret value, some times the secret is interpreted correctly, other times it is not, resulting in sending the actual string ($argo-oidc:clientid) to the OIDC provider instead of the value from the secret. When this happens, a delete of the argocd server pod will resolve the issue.
To Reproduce
Deploy argo with the below oidc config map elements. After a random period of time, even after a initial successful OIDC login has been performed, when the OIDC token refresh occurs, it will fail with the below warning messages in the logs.
Expected behavior
Secret references should always be resolved and not treated as plain text.
Screenshots
Version
Logs
The text was updated successfully, but these errors were encountered: