Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add auth to argo #1249

Merged
merged 23 commits into from
Apr 15, 2022
Merged

Add auth to argo #1249

merged 23 commits into from
Apr 15, 2022

Conversation

iameskild
Copy link
Member

@iameskild iameskild commented Apr 15, 2022

This is the initial auth setup for argo-workflow.

Argo uses OIDC which follows a more standardized configuration approach than OAuth. Providing redirectUrl and issuer should be enough for Argo to configure the remaining URLs itself (authorize_url, token_url and userdata_url).

How we configure groups to work is still TBD.

Related to #1230
Supersedes #1243

danlester and others added 19 commits March 24, 2022 10:45
* Add mdformat-tables

* Run mdformat on all files

* mdformat only docs folder (restore .github md files)

* Fix some vale, restore README/RELEASE
/docs/source/images/dev_postman_for_keycloak.png -- 298.79kb -> 270.60kb (9.44%)

Signed-off-by: ImgBotApp <[email protected]>

Co-authored-by: ImgBotApp <[email protected]>
#1194)

* Allow terraform init to upgrade providers within version specification

Closes #1193

* Black formatting
* Adding missing __init__ files

Closes #1195

* Explicitely using qhub for package

* Give hint on what to include
* Fix in case groups is None

* access all/keycloak/yaml

* jupyterlabproflies mapper

* Keycloak profiles working

* ignore changes to keycloak group attributes

* qhub upgrade for jupyterlab profiles

* docs for jupyterlabprofiles

* Renamed to jupyterlab_profiles
* Render .gitignore

* Render clean .gitignore

* Add unit test

* Upgrade black

* Upgrade black

* black format

* exclude qhub/_version.py from black

* Black what needs blackening

* Fix

* Fix
* Fix env doc links and add corresponding tests

* fix broken image link

* fix black formatting
* Update release notes

* Remove ref to cookiecutter

* Update link-checker version

* Fix

* Use lycee link-checker instead

* Remove lycee, update md config.json

* Revert version

* Release notes cleanup

* Rewording

* Add to vocab

* Fix table

* Add explicit warning about release

* Update README.md

Fixed some syntax/grammar issues.

* Minor updates

Co-authored-by: Christopher Ostrouchov <[email protected]>
Co-authored-by: Shannon <[email protected]>
… overrides (#1235)

* Suport adding load balancer annotations and ip via terraform overrides

* add documentation for terraform overrides

* make terraform overrides being able to override any variable
Bumps [moment](https://github.com/moment/moment) from 2.29.1 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.29.1...2.29.2)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update cdsdashboards to 0.6.1

* voila v0.3.5
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Adam-D-Lewis <>
@iameskild iameskild requested a review from Adam-D-Lewis April 15, 2022 04:46
@iameskild
Copy link
Member Author

@Adam-D-Lewis I closed my first argo auth PR in favor of this one. I was trying to resolve the black related CI failures but it got a bit messy.

@Adam-D-Lewis Adam-D-Lewis merged commit 14a1a87 into argo Apr 15, 2022
@iameskild iameskild deleted the argo_auth branch May 5, 2022 17:37
iameskild added a commit that referenced this pull request May 26, 2022
* initial attempt to add argo-workflows

* add enable/disable argo functionality, comment out juptyerflow resources, add custom options for argo helm chart

* add value.yaml, add ingressroute to expose argo dashboard

* rename helm deployment

* add argo check and only check endpoint that are enabled

* reorder outputs

* add lots of comments for automatic pickup by prometheus and toggling rbac for individual argo workflows components

* cleanup comments, add emissary containerRuntime by default

* first pass at docs

* remove jupyterflow commented out resources

* Add auth to argo  (#1249)

* Mdformat tables (#1186)

* Add mdformat-tables

* Run mdformat on all files

* mdformat only docs folder (restore .github md files)

* Fix some vale, restore README/RELEASE

* [ImgBot] Optimize images (#1187)

/docs/source/images/dev_postman_for_keycloak.png -- 298.79kb -> 270.60kb (9.44%)

Signed-off-by: ImgBotApp <[email protected]>

Co-authored-by: ImgBotApp <[email protected]>

* Bump conda-store version to 0.3.14 (#1192)

* Allow terraform init to upgrade providers within version specification (#1194)

* Allow terraform init to upgrade providers within version specification

Closes #1193

* Black formatting

* Adding missing __init__ files (#1196)

* Adding missing __init__ files

Closes #1195

* Explicitely using qhub for package

* Give hint on what to include

* Release 0.3.15 for Conda-Store (#1205)

* Profilegroups (#1203)

* Fix in case groups is None

* access all/keycloak/yaml

* jupyterlabproflies mapper

* Keycloak profiles working

* ignore changes to keycloak group attributes

* qhub upgrade for jupyterlab profiles

* docs for jupyterlabprofiles

* Renamed to jupyterlab_profiles

* Render `.gitignore`, black py files (#1206)

* Render .gitignore

* Render clean .gitignore

* Add unit test

* Upgrade black

* Upgrade black

* black format

* exclude qhub/_version.py from black

* Black what needs blackening

* Fix

* Fix

* Update qhub-dask version (#1224)

* Fix env doc links and add corresponding tests (#1216)

* Fix env doc links and add corresponding tests

* fix broken image link

* fix black formatting

* map(any) -> any (#1213)

* Update release notes - justification for changes in `v0.4.0`  (#1178)

* Update release notes

* Remove ref to cookiecutter

* Update link-checker version

* Fix

* Use lycee link-checker instead

* Remove lycee, update md config.json

* Revert version

* Release notes cleanup

* Rewording

* Add to vocab

* Fix table

* Add explicit warning about release

* Update README.md

Fixed some syntax/grammar issues.

* Minor updates

Co-authored-by: Christopher Ostrouchov <[email protected]>
Co-authored-by: Shannon <[email protected]>

* Merge spawner and profile env vars

* Support for pinning the IP address of the load balancer via terraform overrides (#1235)

* Suport adding load balancer annotations and ip via terraform overrides

* add documentation for terraform overrides

* make terraform overrides being able to override any variable

* Bump moment from 2.29.1 to 2.29.2 in /tests_e2e (#1241)

Bumps [moment](https://github.com/moment/moment) from 2.29.1 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.29.1...2.29.2)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update cdsdashboards to 0.6.1, Voila to 0.3.5 (#1240)

* Update cdsdashboards to 0.6.1

* voila v0.3.5

* Bump minimist from 1.2.5 to 1.2.6 in /tests_e2e (#1208)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* output check fix (#1244)

Co-authored-by: Adam-D-Lewis <>

* Add auth to argo

* add argo_workflows value to qhub init command

* update black version

* update black in setup.cfg

Co-authored-by: Dan Lester <[email protected]>
Co-authored-by: imgbot[bot] <31301654+imgbot[bot]@users.noreply.github.com>
Co-authored-by: ImgBotApp <[email protected]>
Co-authored-by: Christopher Ostrouchov <[email protected]>
Co-authored-by: Amit Kumar <[email protected]>
Co-authored-by: Shannon <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Adam Lewis <[email protected]>
Co-authored-by: Adam-D-Lewis <>

* remove comments

* Clean up argo auth

* Fix typo, add node-selector

* Fix, add argo to vocab

* fix bug and change argo health endpoint

* add overrides to argo workflows

* add some argo roles stuff

* fix cluster role names

* add overrides

* clean up

* Update readme

Co-authored-by: Adam-D-Lewis <>
Co-authored-by: eskild <[email protected]>
Co-authored-by: Dan Lester <[email protected]>
Co-authored-by: imgbot[bot] <31301654+imgbot[bot]@users.noreply.github.com>
Co-authored-by: ImgBotApp <[email protected]>
Co-authored-by: Christopher Ostrouchov <[email protected]>
Co-authored-by: Amit Kumar <[email protected]>
Co-authored-by: Shannon <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: iameskild <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants