-
Notifications
You must be signed in to change notification settings - Fork 157
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
failed to load alpha options: unable to load config file: read /etc/oauth2_proxy/oauth2_proxy.yml: is a directory #226
Comments
It seems the problem is that I can't have client-id, client-secret and cookie-secret being loaded separately from a secret. It's either alphaconfig from values file, from a configmap our from a secret in its entirety. I find it a bit strange that it is not possible to use a secret directly. I will try to set it up in extraEnv as it seems to be set as a template so I can make secretkeyref and load it as environment variables. It may also be useful to have it as an example in README, and perhaps some clarification on the behavior of existingSecret. It is a bit confusing. |
The configFile inside the I confirm that You can try to use I hope I helped you in some way. |
Hi @pierluigilenoci, this somewhat got lost from my feed. as I noted earlier, it is not possible to use these values if using alphaConfig. Found that somewhere in the documentation. Thanks for trying to help, but I did not find a way around it. If I use azure or oidc, but need settings (client-id/secret), it is only possible to define them within alphaconfig (wherever is the source of it), so separately loading these from env variables do not work, they need to be explcicitly set in alphaconfig, which is not secure, if I don't want to put the whole of alphaconfig inside a vault. I had to stop using oauth2-proxy for the solutions that required the alphaconfig settings, so that I could load these values using CSI Driver (takes these from a key vault). Not sure whether this should be closed or not. The issue can be closed in case there is no plan to support this scenario. |
In AKS, Pod fails to start with the error mention in the tittle:
[main.go:41] ERROR: failed to load alpha options: unable to load config file: read /etc/oauth2_proxy/oauth2_proxy.yml: is a directory
It is installed via terraform, but should work the same with helm command as I use a custom values file for override:
values file:
This started to happen after I upgraded from 6.23.1 to the more recent 7.6.0
I have also ensured it is using the latest chart version (7.7.9) and verified the structure of values.yaml to match with the latest chart version.
If I omit configFile from config section, I get:
So,
config.configFile.upstreams = [ "file:///dev/null" ]
seems to be invalid. It breaks when configFile is not overriden.I am still unable to upgrade oauth2-proxy to use latest chart and image versions. But still investigating if I can workaround the issue. I suspect this has something to do with how newer versions treat multiple provider configurations that may not be reflected in the chart, even though I am only using a single provider in alphaConfiguration.
The text was updated successfully, but these errors were encountered: