@terrencejun321
According to the error message, the token extracted by k10tool for validation does not match the one you've created. Could you please provide details on how you obtained the clientSecret token, the YAML file for the service account k10-dex-sa, and the list of secrets?
Thanks
Ahmed Hagag
@terrencejun321
According to the error message, the token extracted by k10tool for validation does not match the one you've created. Could you please provide details on how you obtained the clientSecret token, the YAML file for the service account k10-dex-sa, and the list of secrets?
Thanks
Ahmed Hagag
Hi,
I didn’t create the clientSecret token and i follow the steps here - https://docs.kasten.io/latest/access/authentication.html#openshift-authentication
it stated “After the Service Account creation, K10 automatically generates the corresponding client secret required to establish connection to the OpenShift OAuth server.” if create
Below is the yaml of the service account and list of secrets
================
k10-dex-sa YAML
================
apiVersion: v1
imagePullSecrets:
- name: k10-dex-sa-dockercfg-srxjm
kind: ServiceAccount
metadata:
annotations:
serviceaccounts.openshift.io/oauth-redirecturi.dex: https://k10-route-kasten-io.apps.test.abc.com/k10/dex/callback
creationTimestamp: "2024-04-02T05:01:08Z"
name: k10-dex-sa
namespace: kasten-io
resourceVersion: "22496648"
uid: 7538c09f-89dd-4d80-a96f-aa7f710f128a
secrets:
- name: k10-dex-sa-dockercfg-srxjm
================
list of secrets
================
NAME TYPE DATA AGE
builder-dockercfg-zwf82 kubernetes.io/dockercfg 1 11h
builder-token-48g4m kubernetes.io/service-account-token 4 11h
default-dockercfg-nrb7m kubernetes.io/dockercfg 1 11h
default-token-vr7jh kubernetes.io/service-account-token 4 11h
deployer-dockercfg-lh29t kubernetes.io/dockercfg 1 11h
deployer-token-ggg84 kubernetes.io/service-account-token 4 11h
k10-cluster-passphrase Opaque 1 8h
k10-dex-sa kubernetes.io/service-account-token 4 3h26m
k10-dex-sa-dockercfg-srxjm kubernetes.io/dockercfg 1 7h32m
k10-dex-sa-token-mttfc kubernetes.io/service-account-token 4 7h32m
k10-grafana Opaque 3 3h17m
k10-grafana-dockercfg-gfl9z kubernetes.io/dockercfg 1 3h17m
k10-grafana-token-hvt9s kubernetes.io/service-account-token 4 3h17m
k10-k10-dockercfg-5frrr kubernetes.io/dockercfg 1 3h17m
k10-k10-token-hx2rw kubernetes.io/service-account-token 4 3h17m
k10-kasten-operator-rhmp-controller-manager-dockercfg-7blsm kubernetes.io/dockercfg 1 11h
k10-kasten-operator-rhmp-controller-manager-token-k4sfh kubernetes.io/service-account-token 4 11h
k10-license Opaque 1 3h17m
k10-oidc-auth Opaque 11 3h17m
k10-trial-license Opaque 1 3h17m
kopia-tls-cert Opaque 1 3h17m
kopia-tls-key Opaque 1 3h17m
prometheus-server-dockercfg-p4x64 kubernetes.io/dockercfg 1 3h17m
prometheus-server-token-zs5wz kubernetes.io/service-account-token 4 3h17m
sh.helm.release.v1.k10.v716 helm.sh/release.v1 1 15s
Hi,
Thanks for your advice, i manage to sort it out by using the k10 tools here for missing param and right token