Zero-to-jupyterhub-k8s: Unsure how to hook into a gitlab authorization authentication service with helm
I am not really sure how I take this section of the yaml and set it to a gitlab application? Maybe its not yet supported in the helm chart yet?
auth:
type: dummy
whitelist:
users:
admin:
access: true
users:
dummy:
password:
ldap:
dn:
search: {}
user: {}
user: {}
state:
enabled: false
cryptoKey:
mjschmidt
All 10 comments
This is from generating the values file from release 0.8.1
mjschmidt
on 31 Mar 2019
Have you found http://z2jh.jupyter.org/en/latest/authentication.html helpful? I don't think gitlab specifically is in there, but that might be the place to look.
I'd also recommend posting "how-to" questions on the Jupyter community discourse page
(I'm gonna transfer this issue over to "zero to jupyterhub for k8s" which tends to get more attention than this one)
choldgraf
on 31 Mar 2019
@mjschmidt I think this may be what you need, but this is in my view the absolute most confusing thing to figure out right now in this project =/
It should be improved drastically I think.
auth:
type: gitlab
gitlab:
clientId: my-client-id
clientSecret: my-client-secret
# gitlabGroupWhitelist:
# - my-group-name-with-access
# gitlabProjectIdWhitelist:
# - my-project-name-and-indirectly-its-users-with-access
admin:
access: true
users:
- consideratio
I'd like to see us support usage of either camelCase or snake_case. camelCase to be backward compatible and snake_case as that is the actual settings that we can read about in oauthenticator.
If we are using the generic oauthenticator and type: custom in z2jh we need to use snake_case, and if we don't we need to NOT use snake_case! Gah!
consideRatio
on 31 Mar 2019
@consideRatio and @choldgraf So that yaml section is the exact yaml area I had found. What was unclear (but is more clear now) to me is how to link the gitlab id and secret. I am going to try that out and I will let you know how it goes.
mjschmidt
on 2 Apr 2019
@mjschmidt I'm more than happy to help review and improvements to the documentation in PRs! We definitely can improve this!
choldgraf
on 3 Apr 2019
FYI this configuration works for us and we use gitlab:
hub:
extraEnv:
GITLAB_URL: https://gitlab.mydomain.com
extraConfig:
jupyterlab: |
c.Spawner.cmd = ['jupyter-labhub']
c.ConfigurableHTTPProxy.command = ['configurable-http-proxy', '--redirect-port', '80']
auth:
type: gitlab
gitlab:
clientId: x
clientSecret: xx
callbackUrl: "https://jupyter.mydomain.com/hub/oauth_callback"
cslovell
on 15 Apr 2019
Getting this error
$ kubectl logs --namespace=jhub hub-8cf6459fb-l9qz8
Loading /etc/jupyterhub/config/values.yaml
Loading /etc/jupyterhub/secret/values.yaml
[E 2019-06-27 09:03:15.648 JupyterHub app:1958]
Traceback (most recent call last):
File "/usr/local/lib/python3.6/dist-packages/jupyterhub/app.py", line 1955, in launch_instance_async
await self.initialize(argv)
File "/usr/local/lib/python3.6/dist-packages/jupyterhub/app.py", line 1639, in initialize
self.load_config_file(self.config_file)
File "</usr/local/lib/python3.6/dist-packages/decorator.py:decorator-gen-5>", line 2, in load_config_file
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/application.py", line 87, in catch_config_error
return method(app, *args, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/application.py", line 598, in load_config_file
raise_config_file_errors=self.raise_config_file_errors,
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/application.py", line 562, in _load_config_files
config = loader.load_config()
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/loader.py", line 457, in load_config
self._read_file_as_dict()
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/loader.py", line 489, in _read_file_as_dict
py3compat.execfile(conf_filename, namespace)
File "/usr/local/lib/python3.6/dist-packages/ipython_genutils/py3compat.py", line 198, in execfile
exec(compiler(f.read(), fname, 'exec'), glob, loc)
File "/srv/jupyterhub_config.py", line 279, in <module>
set_config_if_not_none(c.GitLabOAuthenticator, trait, 'auth.gitlab.' + cfg_key)
TypeError: must be str, not NoneType
Any idea what is causing this?
sampathkethineedi
on 27 Jun 2019
What version of the helm chart are you using? There were some issues in previous versions that could demonstrate themself like this, but I think anything like 0.8.2 and above should be fine - I'd recommend using the latest release to be safe as I'm not 100%.
Please provide your config.yaml, but redact senstive information, in order to help others help you =)
consideRatio
on 27 Jun 2019
Having the same error as @sampathkethineedi as put it in issue https://github.com/jupyterhub/zero-to-jupyterhub-k8s/issues/1312
In my case I have the error using 0.8.2 also with version 0.9-445a953
Jose3212
on 27 Jun 2019
Helm chart - jupyterhub-0.9-445a953
Kubernetes cluster on AWS
config.yaml -
```
proxy:
secretToken: "
singleuser:
storage:
capacity: 1Gi
image:
name:
tag: test01
lifecycleHooks:
postStart:
exec:
command: ["gitpuller", "
prePuller:
enabled: false
hub:
extraEnv:
GITLAB_URL:
auth:
type: gitlab
gitlab:
clientId: "
clientSecret: "
callbackUrl: "http://
gitlabGroupWhitelist:
-
admin:
access: true
users:
- sampathkethineedi
```
Using 0.9-445a953 fixed the previous issue.
sampathkethineedi
on 27 Jun 2019
Related issues
bleggett
路
3Comments
consideRatio
路
4Comments
consideRatio
路
3Comments
jonathanballs
路
3Comments
consideRatio
路
3Comments
Most helpful comment
Helm chart - jupyterhub-0.9-445a953
Kubernetes cluster on AWS
config.yaml -"
```
proxy:
secretToken: "
singleuser:", "master"]
storage:
capacity: 1Gi
image:
name:
tag: test01
lifecycleHooks:
postStart:
exec:
command: ["gitpuller", "
prePuller:
enabled: false
hub:
extraEnv:
GITLAB_URL:
auth:""/hub/oauth_callback"
type: gitlab
gitlab:
clientId: "
clientSecret: "
callbackUrl: "http://
gitlabGroupWhitelist:
-
admin:
access: true
users:
- sampathkethineedi
```
Using 0.9-445a953 fixed the previous issue.