  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-2180

[Dev] Implement support for TLS certificate rotation/provisioning in keystone-operator with IPA


    • Story
    • Resolution: Obsolete
    • Normal
    • 8
    • 2024Q1

      Jira Description

      As a PCP user, I want to configure certificate rotation together with IPA (as an option) so that I can continue to rotate and manage the certificates after Data Plane Adoption from a Director-based deployment.

       

      Summary

      For TLS data plane adoption we need to integrate an external (Free)IPA instance into the PCP deployment. As part of this task we want to make sure the integration between cert-manager and IPA is working and can be configured using the meta openstack-operator.

       

      Rotation will require a different set of tests than the initially implemented provisioning.

       

      Definition of Ready

      When can we consider the User Story to be Ready?

      1. Defined clearly enough that all members of the team understand what needs to be done
      2. Includes any required enabling specs, wireframes, etc.
      3. Fully meets INVEST criteria for User Stories
      4. Dependencies identified and there is a clear strategy for how they will be managed

       

      Prerequisites: 

      1. Initial environment with IPA and PCP

       

      Acceptance Criteria

      1. Possibility to configure IPA in cert-manager to issue and rotate certificates
      2. Possibility to have an internal IPA deployed for testing purposes
      3. CRL integration

      Definition of Done

      When we can consider the User Story to be Done:

      1. Tests implemented
      2. Documentation on how to integrate with an external IPA instance
      3. Pull requests proposed to openstack-operator and merged to master branch
      4. Periodic testing?

              Unassigned Unassigned
              hrybacki@redhat.com Harry Rybacki (Inactive)
              rhos-dfg-security