OIDC fails with helm

sockentausch · January 26, 2021, 3:59pm

Hi iam currently trying to integrate hue to our keycloak deployment.
Iam using the offical Helm from helm repo add gethue https://helm.gethue.com
Following changes has been done:

   [[auth]]
    backend=desktop.auth.backend.OIDCBackend
 [[oidc]]
 # The client ID as relay party set in OpenID provider
 oidc_rp_client_id=xxxxx_analytics

    # The client secret as relay party set in OpenID provider
    oidc_rp_client_secret=XXXf551b-XXXX6-4d08-8ed0-ebfbedXXXXXe1

    # The OpenID provider authoriation endpoint
    oidc_op_authorization_endpoint=http://auth.XXXXX.io/auth/realms/XXXXX_analytics/protocol/openid-connect/auth

    # The OpenID provider token endpoint
    oidc_op_token_endpoint=http://auth.XXXXX.io/auth/realms/XXXXXX_analytics/protocol/openid-connect/token

    # The OpenID provider user info endpoint
    oidc_op_user_endpoint=http://auth.XXXXXX.io/auth/realms/XXXXXX_analytics/protocol/openid-connect/userinfo    

    oidc_verify_ssl=true
    login_redirect_url=https://analytics.XXXXXXX.io/oidc/callback/
    create_users_on_login=true

But fails with
ModuleNotFoundError: No module named ‘mozilla_django_oidc’

Do i miss some configuration or is this package just missing in the image?

thanks for any pointer.

sockentausch · January 28, 2021, 9:49am

fixed it with a custom Dockerfile deriving from gethue/hue

from gethue/hue:latest

USER root
RUN chmod 777 -R /var/log
RUN pip3 install --upgrade pip

RUN pip3 install --isolated mozilla_django_oidc gevent greenlet==1.0.0 py4j gunicorn

for soime reason - i need to investigate - and need to reapply gunicorn…

Note: helm template does only allow to change registry and tag. ImageName must stay the same.

Romain · January 28, 2021, 9:14pm

Yes, the pypy module mozilla_django_oidc is not in the default image.

Pip should list the reason why it un-installed gunicorn (usually there is an incompatibility of dependencies)

Docker source of the gethue/hue:latest is https://github.com/cloudera/hue/blob/master/tools/docker/hue/Dockerfile#L58

For helm, you are probably using the simplified one. The more advanced one is https://github.com/cloudera/hue/tree/master/tools/kubernetes/helm/hue

sockentausch · January 29, 2021, 6:33am

Thanks romain,yes forgot to mention: there was some versionconflict with greenlet – tried to pip to fixed version 0.4.17 but does work out (still stick to 0.4.15). Quick fix was to reapply gunicorn.

Prabhu · January 16, 2024, 3:49pm

@sockentausch Can you please share the entire DockerFile ? We are using Hue version 4.11.0 and i still see the same issue even after installing django, greenlet and gunicorn as below.
RUN pip3 install --isolated mozilla_django_oidc gevent greenlet==1.0.0 py4j gunicorn

Could you please advice ?