OpenID Connect Force Availability

Feature Discussion
1

We regularly have the issue that we find ourselves with an unusable instance of Vikunja on our Kubernetes cluster because somehow the OpenID Connect provider check of Vikunja fails as it starts.
Whenever I notice that I have to kill the pod so it works after a restart, but somehow I always find the login button gone after a few days.
Now I am starting to write an integration to query /api/v1/info for whether providers are detected and if not issue a kill - but that is a bit hacky.

I would prefer an flag on an openid provider like ‘force’ that does one of two things:

  • always make it available, without checking its endpoint (does it require any extra information?)
  • crashes when the openid provider query fails
    Either would allow graceful handling with native kubernetes tools.

Btw, issue search in gitea is not working properly: Issues - vikunja - Gitea

2

This won’t work because we need to ask the provider a few things to be able to use it.

I would rather want to fix the disappearing of the provider. Vikunja won’t forget a provider it has discovered, unless you restart it and the provider is not reachable at that time. If that’s the case, there should be something logged though.

This might be an option, but again, only when starting.

3

yeah allowing to set a flag that vikunja crashes if an OIDC provider is not found on startup would be perfectly okay - I am anyway unsure about the disappearing while running thing, maybe it also just happened to do another restart