Epic Goal

• The ability to extract the local hub OAuth and generate it into an authrealm for the purpose of quickly configuring a set of managed clusters to have the same IDP config as the hub.

Why is this important?

• Customers want to quickly enable a fleet identity configuration once they stand up the hub.

• The hub OAuth could become the logical starting point for the managed clusters to inherit their own IDP config

Scenarios

1. In the Hub of Hubs scenario, a leaf hub might stand as a domain of managed clusters that should all be governed by the same OAuth. Once the leaf hub has it's configuration, it could be automatically applied to the managed clusters.
2. In the central IT scenario, the hub could be a central admin point for cluster admins to gain access to a set of clusters they will need to manage.

Acceptance Criteria

• CI - MUST be running successfully with tests automated
• Release Technical Enablement - Provide necessary release enablement details and documents.
• ...

Dependencies (internal and external)

1. ...

Previous Work (Optional):

1. …

Open questions:

1. How hard is it to implement based on current work?

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Downstream documentation merged: <link to meaningful PR>