Epic Goal

• To allow users to sync teams via OIDC when deployed on Microsoft Azure

Why is this important?

• Similar to our team sync via LDAP, users that are running on Microsoft Azure would like to be able to synchronize users of that platform via OIDC
• This offers the same enterprise level management benefits that LDAP sync currently provides, albeit for a different authentication protocol

Scenarios

1. A Quay instance that is deployed on Microsoft Azure can be configured to use OIDC to sync existing users
2. Synced users have the same level of access as those that were synced used LDAP

Acceptance Criteria

• The config tool validation has been updated to prevent Quay from starting using a bad OIDC configuration
• Configuration should be written in a way that isn't necessarily specific to Microsoft Azure since OIDC is a protocol that is supported by multiple vendors
• CI - MUST be running successfully with tests automated
• Release Technical Enablement - Provide necessary release enablement details and documents.

Dependencies (internal and external)

1. Microsoft Azure

Previous Work (Optional):

1. TBD

Open questions::

1. TBD

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Downstream documentation merged: <link to meaningful PR>