Uploaded image for project: 'Red Hat Internal Developer Platform'
  1. Red Hat Internal Developer Platform
  2. RHIDP-6681

Support LDAP catalog entity provider

XMLWordPrintable

    • L
    • False
    • Hide

      None

      Show
      None
    • False
    • 0% To Do, 0% In Progress, 100% Done

      Feature Overview (aka. Goal Summary)

      An elevator pitch (value statement) that describes the Feature in a clear,
      concise way.

      Support the upstream catalog-backend-module-ldap plugin as a method to sync users/groups into RHDH

      • provision unique user IDs and ensure they never get reused IA-12 and IA-4
      • When running into an error ingesting a user (e.g. if the user is missing a required parameter), provide a better error message
        • consider an option to enable continuing to ingest users by skipping these users
      • Ingest and map thousands of users/groups into the catalog and RHDH. 

      Goals (aka. expected user outcomes)

      The observable functionality that the user now has as a result of receiving
      this feature. Include the anticipated primary user type/persona and which
      existing features, if any, will be expanded.

      Organizations with large numbers of users/groups should be able to use the catalog-backend-module-ldap plugin to sync all entities in the RHDH catalog.

      Requirements (aka. Acceptance Criteria):

      A list of specific needs or objectives that a feature must deliver in order
      to be considered complete. If the feature spans across releases then good
      to have scope for each release with acceptance criteria. Be sure to
      include nonfunctional requirements such as security, reliability,
      performance, maintainability, scalability, usability, etc.

       

      Determine the list of vendors to support, see current upstream support

      • Test (manual and e2e) common authentication scenarios
        • AD set up.  Needs to be reachable for CI tests
        • Mock images for various vendors
        • Need spike work to determine which vendors are best suited for CI
        • Might have issues exposing LDAP to public network
          • manual testing for AD
          • automation for OpenLDAP
          • we can switch testing to run against AD locally if need be
      • Test (manual and e2e) and document each config in this plugin (see docs)

      Out of Scope (Optional)

      High-level list of items that are out of scope.

      Customer Considerations (Optional)

      This feature is largely driven by the number of support tickets from customers requesting support on this plugin:

      RHIDP-5966

      RHDHBUGS-177

      Documentation Considerations

      Once supported, a new section including instructions to set up this catalog provider in the authentication section.

              rh-ee-jhe Jessica He
              rh-ee-jhe Jessica He
              RHIDP - Security
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: