Got a query regarding my favorite OpenShift identity provider:
htpasswd Identity Provider.
Why "must" the htpasswd secret be created in the openshift-config
This isn't something I just absolutely have to know. However,
more times than not, I like to look underhood at things. If it
truly is a "must" that it be created in the openshift-config namespace,
then so be it. Still, I'd like to take the opportunity to add something
extra to my knowledgebase.
I did a tiny bit of digging, but nothing that could/would qualify as
an exhaustive search
The openshift-config namespace is a special namespace in OpenShift that contains configuration objects for the entire OpenShift cluster, such as network policies, authentication methods, and other cluster-wide settings. By creating the htpasswd secret in the openshift-config namespace, it becomes available to all projects and applications within the cluster. Plus storing the htpasswd secret in the openshift-config namespace provides an additional layer of security because only users with appropriate permissions can access this namespace. This prevents unauthorized users from accessing the credentials and potentially gaining access to secured applications. Some more guidance is here https://docs.openshift.com/container-platform/4.12/authentication/identity_providers/configuring-htp...