OIDC with IngressGroup

[nyaaao]

Describe the bug
Our setup uses OIDC authentication with IngressGroup.
The auth action does not get attached to the LoadBalancer Rule unless we add OIDC-related annotations to the corresponding ingress.
Since OIDC annotations reference a secret that has to be in the same namespace as the Ingress, we have to ensure the secret is present in each namespace where the ingress with the group is present
Steps to reproduce

Expected outcome
We would like to have OIDC annotations only on 1 of the ingresses (that also has other exclusive annotations) instead of having to duplicate it over on each ingress

Environment

• AWS Load Balancer controller version v2.7.2
• Kubernetes version 1.25
• Using EKS (yes/no), if so version? 1.25.16

[shraddhabang]

This is great suggestion. We can add this to IngressClassParam spec to avoid the conflicts. This will be a good enhancement to the controller and we welcome any community contributions for this.

[chetak123]

/assign

[saiaunghlyanhtet]

/assign

[tjc-enoch]

@saiaunghlyanhtet

Any update on this? We would love to have this implimented ASAP so we dont have to keep manually updating the load balancer rules.

[kellyyan]

@saiaunghlyanhtet Hi, are you still working on this? If not, I'll implement this feature!

[kellyyan]

/assign
I'll implement this.

[kellyyan]

@nyaaao Are you looking for the annotation to take in a namespace for the secret?