Uploaded image for project: 'OpenShift Cloud'
  1. OpenShift Cloud
  2. OCPCLOUD-2379

Support external cloud authentication providers


    • Icon: Epic Epic
    • Resolution: Done
    • Icon: Blocker Blocker
    • None
    • 4.16
    • Support external cloud authentication providers
    • False
    • None
    • False
    • Green
    • To Do
    • 0% To Do, 0% In Progress, 100% Done
    • Approved

      OCP/Telco Definition of Done
      Epic Template descriptions and documentation.

      <--- Cut-n-Paste the entire contents of this description into your new Epic --->

      Epic Goal

      Why is this important?

      • In 1.29, Kube flipped the DisableKubeletCloudCredentialProviders to true by default, this broke our rebase tests as the kubelet could no longer pull images from GCR
      • To mitigate this, we flipped the flag back to false
      • We must revert the flip before the feature is GA'd upstream
      • The cloud provider authentication providers (eg on GCP) become dependencies for kubelet and must be configured via flags
      • As an example on GCP
        • We need to build the provider and ship it as an RPM (perhaps in the kubelet RPM? Can RPMs have dependency RPMs?)
        • The RPM should place the binary into a well known location on disk
        • We then need to create a configuration file and set the correct flags on Kubelet based on this configuration


      1. ...

      Acceptance Criteria

      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.
      • ...

      Dependencies (internal and external)

      Setting up the distgit (for production brew builds) depends on the ART team. This should be tackled early.


      The PR to ocp-build-data should also be prioritised, as it blocks the PR to openshift/os. There is a separate CI Mirror used to run CI for openshift/os in order to merge, which can take a day to sync. 

      Previous Work (Optional):

      Open questions::

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

            rh-ee-tbarberb Theo Barber-Bany
            joelspeed Joel Speed
            Zhaohua Sun Zhaohua Sun
            0 Vote for this issue
            13 Start watching this issue