Giters

kubeguard / guard

🔑 Kubernetes Authentication & Authorization WebHook Server

Home Page:https://kubeguard.dev

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[github] certificate signed by unknown authority

lalyos opened this issue · comments

commented

I was folloing the github auth guide. Everything seems fine:

When I try to test the webhook:

kubectl get pods --all-namespaces --user <myghuser> -v9

I get an error:

error: You must be logged in to the server (Unauthorized)

It seems that the guard pod does receives the token review request, but fails, while communicating with Github API:

> kubectl logs -n kube-system deploy/guard
...
I0827 10:52:47.002248       1 server.go:168] setting up authz providers
I0827 10:53:23.761824       1 handler.go:47] Received token review request for github/rancser
E0827 10:53:23.805177       1 utils.go:130] failed to check user's membership in Org rancser: Get "https://api.github.com/user/memberships/orgs/rancser": x509: certificate signed by unknown authority

I tried it with versions: v0.6.1 and v0.11.0

commented

Hey,

Did you ever get to the bottom of this?