Uploaded image for project: 'OpenShift Hosted Control Plane'
  1. OpenShift Hosted Control Plane
  2. HOSTEDCP-374

As a user of HostedCluster I would like to be able to pass a pre-generated OIDC key pair and S3 bucket

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Blocker Blocker
    • openshift-4.11
    • None
    • None
    • None
    • False
    • None
    • False
    • Hypershift Sprint 10
    • 0
    • 0
    • 0

      Currently in OCM we use the following process to install STS clusters:

      1. We generate a key pair for service account signing.
      2. We prepare a S3 bucket with the JSON web key set and discovery documents.
      3. We tell the customer to create a identity provider in their account, using the URL of the S3 bucket that we prepared.
      4. We wait for the customer to create that identity provider.
      5. We verify that the identity provider is working.
      6. We proceed to the installation of the cluster, passing the pre-generated key pair to the OpenShift installer.

      We would like to use the same process for HyperShift clusters, but currently isn't possible to pass the key pair.

      This card is about adding to HyperShift the feature to receive that key pair and the pre-populated S3 bucket instead of generating them.

              jpacker@redhat.com Joshua Packer
              jhernand-rh Juan Hernández
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: