Uploaded image for project: 'OpenShift Storage'
  1. OpenShift Storage
  2. STOR-1988

GCP Filestore WIF auth support

XMLWordPrintable

    • GCP Filestore WIF auth support
    • BU Product Work
    • 3
    • False
    • None
    • False
    • Not Selected
    • To Do
    • OCPSTRAT-1377 - GCP WIF enablement for critical OLM-managed operators
    • OCPSTRAT-1377GCP WIF enablement for critical OLM-managed operators
    • 67% To Do, 33% In Progress, 0% Done

      Epic Goal*

      What is our purpose in implementing this?  What new capability will be available to customers?

      Enhance the Filestore Operator to support Workload Identity Federation (WIF) for secure authentication with Google Cloud services.

       
      Why is this important? (mandatory)

      What are the benefits to the customer or Red Hat?   Does it improve security, performance, supportability, etc?  Why is work a priority?

      Key customers are seeing WIF as a must have for OCP on GCP authentication. GCP filestore is deemed critical and shall be enabled for the standardized GCP configuration flow

      see https://issues.redhat.com/browse/OCPSTRAT-1377

       
      Scenarios (mandatory) 

      Provide details for user scenarios including actions to be performed, platform specifications, and user personas.  

      1. As a OCP admin on top of GCP i want to deploy openshift with WIF including the GCP filestore operator
      2. As an OCP admin on top of GCP i want to switch from non WIF to WIF including the GCP filestore operator

       
      Dependencies (internal and external) (mandatory)

      General OCP support for WIF

      https://issues.redhat.com/browse/OCPSTRAT-922

       

      Contributing Teams(and contacts) (mandatory) 

      Our expectation is that teams would modify the list below to fit the epic. Some epics may not need all the default groups but what is included here should accurately reflect who will be involved in delivering the epic.

      • Development - 
      • Documentation -
      • QE - 
      • PX - 
      • Others -

      Acceptance Criteria (optional)

      Provide some (testable) examples of how we will know if we have achieved the epic goal.  

      GCP filestore operator should be able to be deployed on GCP with WIF. The CSI driver should pass the regular CI tests without any regression.

      Drawbacks or Risk (optional)

      Reasons we should consider NOT doing this such as: limited audience for the feature, feature will be superseded by other work that is planned, resulting feature will introduce substantial administrative complexity or user confusion, etc.

      Done - Checklist (mandatory)

      The following points apply to all epics and are what the OpenShift team believes are the minimum set of criteria that epics should meet for us to consider them potentially shippable. We request that epic owners modify this list to reflect the work to be completed in order to produce something that is potentially shippable.

      • CI Testing -  Basic e2e automationTests are merged and completing successfully
      • Documentation - Content development is complete.
      • QE - Test scenarios are written and executed successfully.
      • Technical Enablement - Slides are complete (if requested by PLM)
      • Engineering Stories Merged
      • All associated work items with the Epic are closed
      • Epic status should be “Release Pending” 

            rbednar@redhat.com Roman Bednar
            rh-gs-gcharot Gregory Charot
            Chao Yang Chao Yang
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:

                Estimated:
                Original Estimate - 3 weeks
                3w
                Remaining:
                Remaining Estimate - 2 weeks
                2w
                Logged:
                Time Spent - Not Specified Time Not Required
                Not Specified