From e39e3d5c26e861904ac0a43f89664c7a6d45af78 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.parent@gmail.com>
Date: Wed, 21 Apr 2021 02:32:10 +0200
Subject: [PATCH] Fix OpenId Connect example prefixes (#7527)

Fixes "mapping values are not allowed in this context
---
 inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml | 4 ++--
 roles/kubernetes/control-plane/defaults/main/main.yml   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
index bed2d8e8d..2d58903bf 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
@@ -48,9 +48,9 @@ credentials_dir: "{{ inventory_dir }}/credentials"
 ## Optional settings for OIDC
 # kube_oidc_ca_file: "{{ kube_cert_dir }}/ca.pem"
 # kube_oidc_username_claim: sub
-# kube_oidc_username_prefix: oidc:
+# kube_oidc_username_prefix: 'oidc:'
 # kube_oidc_groups_claim: groups
-# kube_oidc_groups_prefix: oidc:
+# kube_oidc_groups_prefix: 'oidc:'
 
 ## Variables to control webhook authn/authz
 # kube_webhook_token_auth: false
diff --git a/roles/kubernetes/control-plane/defaults/main/main.yml b/roles/kubernetes/control-plane/defaults/main/main.yml
index 7d205e7a3..f83133cbe 100644
--- a/roles/kubernetes/control-plane/defaults/main/main.yml
+++ b/roles/kubernetes/control-plane/defaults/main/main.yml
@@ -116,9 +116,9 @@ kube_webhook_authorization_url_skip_tls_verify: false
 # kube_oidc_client_id: kubernetes
 ## Optional settings for OIDC
 # kube_oidc_username_claim: sub
-# kube_oidc_username_prefix: oidc:
+# kube_oidc_username_prefix: 'oidc:'
 # kube_oidc_groups_claim: groups
-# kube_oidc_groups_prefix: oidc:
+# kube_oidc_groups_prefix: 'oidc:'
 # Copy oidc CA file to the following path if needed
 # kube_oidc_ca_file: {{ kube_cert_dir }}/ca.pem
 # Optionally include a base64-encoded oidc CA cert