Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-18868

[Adoption] Doc: OIDC - Enable federated authentication via data plane adoption

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • rhos-18.0.17 FR 5
    • rhos-18.0.14 FR 4
    • documentation
    • None
    • [Adoption] Doc: OIDC - Enable federated authentication via data plane adoption
    • False
    • Hide

      None

      Show
      None
    • False
    • RHOSSTRAT-950Feature - OIDC Adoption
    • Not Selected
    • Proposed
    • Proposed
    • To Do
    • RHOSSTRAT-950 - Feature - OIDC Adoption
    • Proposed
    • rhos-ops-platform-services-security
    • Proposed
    • 100% To Do, 0% In Progress, 0% Done

      Goal

      This epic tracks the work to create the documentation for adopting an OIDC-federated Keystone service from a legacy RHOSP 17.1 environment to RHOSO 18.

      Scope & Approach

      The documentation will follow the established "happy path" pattern, providing concise, copy-pastable oc commands for production-style environments. It will cover the procedure for migrating the OIDC configuration, ensuring federated trust is maintained, and verifying the user authentication flow post-adoption.

      Key Tasks

      • Draft the procedure for migrating OIDC IdP configuration.
      • Document the steps to verify the federated login process.
      • Ensure all code snippets are copy-pastable and use oc commands.

       

      Mini content journey

      Reviewers:

      • Technical: Grzegorz Grasza
      • Peer: To be determined.
      • QE: Grzegorz Grasza, is also responsible for QE, including writing and submitting tests to CI. 

      NOTE: This Epic does not relate to a feature in its own right, but instead is concerned with the documentation of the adoption of an existing feature - hence some of these questions are Not Applicable.

      Is this feature fully supported or technical preview? **

      • Not Applicable - this relates to the adoption of a fully-supported feature

      Does the procedural content need to be tested by QE?

      • Not sure, because the testing will be handled by a CI job.

      Does the documentation epic need a release note in addition to the feature?

      What stage of the user journey are you targeting?

      • Adopt: Adoption

      Who is your target persona?

      • OpenStack user: SysAdmin or Developer

      What type of information does the user need to know in order to use the feature?

      • Procedures or considerations for adoption

      Are there any existing upstream or internal resources that the writer can use for planning and drafting the content? 

      • No.

      Does the content require input from multiple DFGs?

      • No: Content is provided by the Security DFG, that will be incorporated into the relevant adoption guide.

      This content does not need to be included in any other guides apart from the Adoption guide.

       

      Location of documentation files:

      https://github.com/openstack-k8s-operators/data-plane-adoption/pull/1062/files 

              rhn-support-ifrangs Ian Frangs
              ggrasza@redhat.com Grzegorz Grasza
              rhos-dfg-security
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: