OCP/Telco Definition of Done
Feature Template descriptions and documentation.
Feature Overview
- Connect OpenShift workloads to Google services with Google Workload Identity
Enable customers to access Google services from workloads on OpenShift clusters using Google Workload Identity (aka WIF).
https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity
Goals
- Customers want to be able to manage and operate OpenShift on Google Cloud Platform with workload identity, much like they do with AWS + STS or Azure + workload identity.
- Customers want to be able to manage and operate operators and customer workloads on top of OCP on GCP with workload identity.
Requirements
- Add support to CCO for the Installation and Upgrade using both UPI and IPI methods with GCP workload identity.
- Support installs and upgrades for connected and disconnected/restricted environments.
- Support the use of Operators with GCP workload identity with minimal friction.
- Support for HyperShift and non-HyperShift clusters.
This Section: A list of specific needs or objectives that a Feature must deliver to satisfy the Feature. Some requirements will be flagged as MVP. If an MVP gets shifted, the feature shifts. If a non-MVP requirement slips, it does not shift the feature.
| Requirement | Notes | isMvp? |
|---|---|---|
| CI - MUST be running successfully with test automation | This is a requirement for ALL features. | YES |
| Release Technical Enablement | Provide necessary release enablement details and documents. | YES |
(Optional) Use Cases
This Section:
- Main success scenarios - high-level user stories
- Alternate flow/scenarios - high-level user stories
- ...
Questions to answer…
- ...
Out of Scope
- …
Background, and strategic fit
This Section: What does the person writing code, testing, documenting need to know? What context can be provided to frame this feature.
Assumptions
- ...
Customer Considerations
- ...
Documentation Considerations
Questions to be addressed:
- What educational or reference material (docs) is required to support this product feature? For users/admins? Other functions (security officers, etc)?
- Does this feature have doc impact?
- New Content, Updates to existing content, Release Note, or No Doc Impact
- If unsure and no Technical Writer is available, please contact Content Strategy.
- What concepts do customers need to understand to be successful in [action]?
- How do we expect customers will use the feature? For what purpose(s)?
- What reference material might a customer want/need to complete [action]?
- Is there source material that can be used as reference for the Technical Writer in writing the content? If yes, please link if available.
- What is the doc impact (New Content, Updates to existing content, or Release Note)?
- depends on
  - OCPSTRAT-243 Custom roles for GCP Workload Identity (Closed)
- is depended on by
  - HIVE-2262 [OSD-GCP]: Hive changes for supporting GCP Workload Identity Federation (WIF) (Closed)
- is related to
  - RFE-2046 Support for GCP Workload Identity Federation (Accepted)
  - CCO-197 Document ccoctl permissions needed when using GCP workload identity (To Do)
  - CCO-260 invalid_grant error in the image-registry operator on GCP using WIF (Closed)
  - CCO-179 run aws pod-identity and gcp workload-identity periodics (Closed)
  - OCPSTRAT-1509 Tokenized Auth Enablement for OLM-managed Operators on Azure (New)
  - OCPSTRAT-6 Tokenized Auth Enablement for OLM-managed Operators on AWS (In Progress)
  - OCPSTRAT-1501 Tokenized Auth Enablement for OLM-managed Operators on GCP (In Progress)
- relates to
  - CORS-2361 Deploy disconnected OpenShift cluster with Workload Identity on Google Cloud (Closed)