-
Story
-
Resolution: Done
-
Blocker
-
None
-
Strategic Product Work
-
False
-
None
-
False
-
OCPSTRAT-506 - ARO Managed Identity
-
-
This effort is dependent on the completion of work for CCO-187, and effort in dependent modules is planned to be worked on by the CCO team unless individual repo owners can help. Operators owners/teams will be expected to review merge requests and complete appropriate QE effort for an openshift release.
- azure-sdk-for-go module dependency updated to support workload identity federation.
- Support for workload identity federation is not yet complete for azure-sdk-for-go. Support is being tracked in the following issues,
- Mount the OIDC token in the operator pod. This needs to go in the deployment. See example from addition to the cluster-image-registry-operator here
- blocks
-
NE-1164 Review cluster-ingress-operator to consume Azure workload identity tokens
- Closed
- is depended on by
-
CCO-235 Update OpenShift operators to consume Azure workload identity tokens
- Closed
- is related to
-
OCPBUGS-15976 [Azure] in Azure workload identity cluster the ingress DNS record failed to be published to public zone
- Closed
- links to