Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

createUserForbidden on OIDC enabled instance #42

Open
srinath-chandra opened this issue Jun 9, 2023 · 3 comments
Open

createUserForbidden on OIDC enabled instance #42

srinath-chandra opened this issue Jun 9, 2023 · 3 comments

Comments

@srinath-chandra
Copy link

Seems this tools doesn't work for OIDC enabled Harbor instances, as the local user creation would be disabled, when on OIDC.

When we run perf prepare on OIDC enabled instance we get below error [Test projects gets created fine]:
INFO[0001] GoError: failed to create user user-001, error: [POST /users][403] createUserForbidden source=console

We use admin User, so its not the User permission issue, rather not allowed of local User creation apart from the default admin user, when OIDC is enabled.

Any suggestions or workaround please?
@jicki
Copy link

jicki commented Jul 3, 2023

确实如此~ 有什么办法吗?

@chlins
Copy link
Member

chlins commented Jul 26, 2023

Yes, harbor admin can not create user manually when switch the auth mode to OIDC because the local user only available when use DB for authorization, so a workaround may delete the script for prepare user.

@nmcostello
Copy link

Yup, we just do a simple rm scripts/data/02-user.js scripts/data/03-project-member.js prior to running go run mage.go prepare.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jicki @nmcostello @chlins @srinath-chandra