fix(sso-mfa): commit T02–T06 fixes and workplan status updates

- authelia: users_filter uid→{username_attribute}, OIDC client secret
  moved from env var to inline bcrypt hash in configmap (4.38 limitation)
- authelia: remove unsupported CLIENTS_0_SECRET_FILE env var
- lldap: drop runAsNonRoot/runAsUser (image init requires root)
- verify-t02: keycloak→keycape NetworkPolicy check rename
- workplan: T02/T03/T05/T06 marked done with notes

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-03-21 20:25:03 +00:00
parent a60f4fc834
commit f2f07871eb
5 changed files with 24 additions and 11 deletions

View File

@@ -67,8 +67,6 @@ spec:
value: /run/secrets/authelia/oidc_hmac_secret
- name: AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE
value: /run/secrets/authelia/oidc_issuer_private_key
- name: AUTHELIA_IDENTITY_PROVIDERS_OIDC_CLIENTS_0_SECRET_FILE
value: /run/secrets/authelia/keycape_client_secret_hash
volumeMounts:
# Config from ConfigMap