The test will serve as a development aid to test functionality as it gets added; the test will be extended/adapted as new features are implemented. This test will live behind the "ExternalOIDC" feature gate.

Goals of the baseline test:

• deploy keycloak in the cluster, to use as an OIDC provider
• configure the OIDC as a direct provider in the KAS
  • update the authentication CR with the oidc provider configuration
  • sync the oidc provider's CA, if necessary, to the KAS pods static resources
  • patch the cluster proxy and the KAS CLI args to provide the OIDC configuration
  • wait for the changes to get rolled out
• run some basic keycloak sanity checks
• run some baseline authentication checks via the KAS