Infrastructure/arc
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Investigate mapping group access from ipa/ipsilon to openshift #27

New issue
Closed
opened 2022-05-30 13:21:14 +00:00 by mobrien · 3 comments
mobrien commented 2022-05-30 13:21:14 +00:00
Contributor
Copy link

We would like to be able to create groups in ipa that would then map to groups in openshift to allow for easier and more transparent access.

We would like to be able to create groups in ipa that would then map to groups in openshift to allow for easier and more transparent access.
mobrien commented 2022-05-31 15:57:24 +00:00
Author
Contributor
Copy link

Metadata Update from @mobrien:

  • Issue assigned to mobrien
**Metadata Update from @mobrien**: - Issue assigned to mobrien
mobrien commented 2022-06-14 09:50:14 +00:00
Author
Contributor
Copy link

Openshift preferred method for group mappings is from ldap but that solution doesn't suit us as our IPA server is private and we don't want to allow external access.

Openshift also supports group mappings from openid clients which would be our preferred solution but OSD does not support this. I raised a support ticket to ask about it and they said there is an RFE for it but the ticket is internal so we cannot track it.

We will likely need a custom solution using fasjson

Openshift preferred method for group mappings is from ldap but that solution doesn't suit us as our IPA server is private and we don't want to allow external access. Openshift also supports group mappings from openid clients which would be our preferred solution but OSD does not support this. I raised a support ticket to ask about it and they said there is an RFE for it but the ticket is internal so we cannot track it. We will likely need a custom solution using fasjson
lrossett commented 2022-06-16 09:23:23 +00:00
Contributor
Copy link

Metadata Update from @lrossett:

  • Issue status updated to: Closed (was: Open)
**Metadata Update from @lrossett**: - Issue status updated to: Closed (was: Open)
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
prometheus_draft3
prometheus_draft2
prometheus
faq_prometheus
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: Infrastructure/arc#27
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?