[GEP-12] OIDC Webhook Authenticator #2481
Conversation
gardener-robot
added
area/security
|
@mvladev Label area/operations does not exist. |
There was a problem hiding this comment.
/invite @holgerkoser @donistz @ThormaehlenFred @ccwienk
@mvladev can you also explain how you envision this to be implemented? Would it be a Gardener extension that, if deployed via ControllerRegistration, would deploy the necessary components and inject the necessary shoot kube-apiserver configuration via webhook?
rfranzke
changed the title
mvladev
force-pushed
the
add-oidc-webhook-authenticator-gep
branch
from
b400c7f
to
09b8e3d
Compare
gardener-robot
requested review from
ccwienk,
donistz,
ThormaehlenFred and
vlerenc
|
@holgerkoser @ThormaehlenFred @vlerenc @ccwienk @donistz any comments from you or anybody else? |
|
@rfranzke Besides the open points I would also vote for merging this PR soon. There is no need to keep it open if there are no further comments. |
|
Sorry for the delay - I've updated the PR and resolved the comments. |
|
/needs rebase |
This enchancement proposal adds ODIC Webhook Authenticator which can be used to add multiple OIDC providers in a standard Kubernetes API Server.
mvladev
force-pushed
the
add-oidc-webhook-authenticator-gep
branch
from
cc18826
to
5cd1b9d
Compare
|
@danielfoehrKn can you have another look? |
gardener-robot
added
priority/3
How to categorize this PR?
/area operations
/area security
/area user-management
/kind enhancement
/priority normal
What this PR does / why we need it:
This enhancement proposal adds ODIC Webhook Authenticator which can be used to add multiple OIDC providers to a standard Kubernetes API Server.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Release note: