I have temporal deployed via the official helm chart (version 0.51.0).
I’m trying to enable SSO via GitHub OAuth App on the web UI.
Here’s the relevant part of my values.yaml
web:
ingress:
enabled: true
className: alb
hosts:
- temporal.MY-DOMAIN.click
annotations:
alb.ingress.kubernetes.io/backend-protocol: "HTTP"
alb.ingress.kubernetes.io/group.name: MY-GROUP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/ssl-redirect: "443"
alb.ingress.kubernetes.io/target-type: ip
external-dns.alpha.kubernetes.io/manage: "true"
additionalEnv:
- name: TEMPORAL_AUTH_ENABLED
value: "true"
- name: TEMPORAL_AUTH_PROVIDER_URL
value: "https://github.com/login/oauth/authorize"
- name: TEMPORAL_AUTH_CLIENT_ID
value: "Ov23lDEADCODE8LHILl"
- name: TEMPORAL_AUTH_CALLBACK_URL
value: "https://temporal.MY-DOMAIN.click/auth/sso/callback"
additionalEnvSecretName: temporal-auth-client-secret
I have the secret created and it holds this data:
{TEMPORAL_AUTH_CLIENT_SECRET: xxxxxxxxxxxxxxx}
But the moment I deploy the changes my web-ui fails and keeps giving me the 503 error.
When I check the logs I see the HTML for GitHub login landing page but the Web UI won’t render it and keeps spitting 503.
What am I missing here?