JupyterHub (v0.8.2) Github Authorization not working


I have two EKS clusters. “EKS” is AWS managed kubernetes service. I have deployed JupyterHub application to EKS using helm on each cluster. The only difference is that one cluster is running JupyterHub version 0.7.0 and the other is 0.8.2

We use Github auth for JupyterHub. E.g., in our helm chart:

    access: true
    - my-github-user
    callbackUrl: ...
    clientId: ...
    clientSecret: ...
    - my-github-org
  - read:org
  type: github

Problem: Authorization appears to be broken for JupyterHub 0.8.2

The JupyterHub 0.7.0 application is working as expected w.r.t. authorization (it only allows users to log in if they are a member of my-github-org.

The JupyterHub 0.8.2 application is not working as expected. It allows any Github user to log in.

The environment configuration is exactly the same, the only difference is the JupyterHub version. Could this be a regression in JupyterHub?

Also, to prove my theory I want to try downgrading the version of JupyterHub from 0.8.2 to 0.7.0 … but not sure if this will break the JHub application. Is it backwards compatible? E.g. if the JHub release is 0.8.2, and I issue this command “helm upgrade --install jhub jupyterhub/jupyterhub --namespace jhub --version=0.7.0 --values config.yaml” – will it work?

There was a breaking change in 0.8.0: https://github.com/jupyterhub/zero-to-jupyterhub-k8s/blob/6290e23602225b543850f5567c77ddd6c3662297/CHANGELOG.md#breaking-changes-1
The property was renamed auth.github.orgWhitelist

Wow. I really wish helm validated configs and threw an error instead of silently authorizing the world to my app

Hopefully that will be possible in Helm 3!