viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
4029 commits 6 branches 0 tags 144 MiB
Commit graph

2 commits

Author SHA1 Message Date
Viktor Barzin
ad3432d685 docs(k8s-dashboard): dashboard SSO as-built (Option B multi-issuer apiserver) 
Update authentication.md (structured multi-issuer AuthenticationConfiguration
+ dashboard SSO flow), multi-tenancy.md (web dashboard access), authentik-state
(new k8s-dashboard app + gheorghe groups), service-catalog (dashboard auth),
and the k8s-version-upgrade runbook (kubeadm wipes --authentication-config →
re-apply rbac post-upgrade). Design/plan addenda record the issuer-constraint
pivot from the original dual-aud approach. [ci skip]

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-05 09:19:09 +00:00
Viktor Barzin
549320f79c docs(k8s-dashboard): SSO via Authentik oauth2-proxy — implementation plan [ci skip] 
Task-by-task plan: Vault secret, Authentik OIDC app (TF), oauth2-proxy
deploy, ingress cutover with blocking audience-verification gate, docs.
Additive + one revertible ingress repoint.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-05 09:19:07 +00:00