Skip to content

docs(openshift): add manual JWT signing secret step #1556

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
natifridman wants to merge 1 commit into from
+18 −0
Closed

docs(openshift): add manual JWT signing secret step #1556

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions docs/kubernetes/openshift.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,24 @@ Sandbox pods run under the `openshell-sandbox` service account in the `openshell
oc adm policy add-scc-to-user privileged -z openshell-sandbox -n openshell
```

## Create the JWT signing secret

The PKI init job is disabled (see next step), so the JWT signing keys it would normally create must be provisioned manually:

```shell
openssl genpkey -algorithm Ed25519 -out /tmp/signing.pem
openssl pkey -in /tmp/signing.pem -pubout -out /tmp/public.pem
openssl rand -hex 16 > /tmp/kid

oc create secret generic openshell-jwt-keys \
-n openshell \
--from-file=signing.pem=/tmp/signing.pem \
--from-file=public.pem=/tmp/public.pem \
--from-file=kid=/tmp/kid

rm /tmp/signing.pem /tmp/public.pem /tmp/kid
```

## Install the chart with OpenShift overrides

```shell
Expand Down
Loading