Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-2882

Add Kubernetes Support for OIDC

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Unresolved
    • Priority: Icon: Unknown Unknown
    • None
    • Component/s: Authentication
    • None
    • Needed
    • Hide

      Summary of necessary driver changes

      •  

      Commits for syncing spec/prose tests
      (and/or refer to an existing language POC if needed)

      •  

      Context for other referenced/linked tickets

      •  
      Show
      Summary of necessary driver changes   Commits for syncing spec/prose tests (and/or refer to an existing language POC if needed)   Context for other referenced/linked tickets  
    • $i18n.getText("admin.common.words.hide")
      Key Status/Resolution FixVersion
      CDRIVER-5528 Backlog
      CXX-3000 Backlog
      CSHARP-5026 Backlog
      GODRIVER-3175 Ready for Work
      JAVA-5405 Blocked
      NODE-6069 Blocked
      MOTOR-1293 Backlog
      PYTHON-4330 Blocked
      PHPLIB-1427 Blocked
      RUBY-3437 Backlog
      RUST-1905 Backlog
      $i18n.getText("admin.common.words.show")
      #scriptField, #scriptField *{ border: 1px solid black; } #scriptField{ border-collapse: collapse; } #scriptField td { text-align: center; /* Center-align text in table cells */ } #scriptField td.key { text-align: left; /* Left-align text in the Key column */ } #scriptField a { text-decoration: none; /* Remove underlines from links */ border: none; /* Remove border from links */ } /* Add green background color to cells with FixVersion */ #scriptField td.hasFixVersion { background-color: #00FF00; /* Green color code */ } /* Center-align the first row headers */ #scriptField th { text-align: center; } Key Status/Resolution FixVersion CDRIVER-5528 Backlog CXX-3000 Backlog CSHARP-5026 Backlog GODRIVER-3175 Ready for Work JAVA-5405 Blocked NODE-6069 Blocked MOTOR-1293 Backlog PYTHON-4330 Blocked PHPLIB-1427 Blocked RUBY-3437 Backlog RUST-1905 Backlog

      Summary

      Drivers will add a "k8s" implementation of an OIDC_CALLBACK that handles AWS EKS, GCP GKE, and Azure AKS.

      Motivation

      End users want to directly use tokens provided by the Kubernetes Service Account to authenticate to MongoDB.

      Notes

      We can use the same test procedure for all three environments, by deploying a debian-based pod and pushing the driver
      test files to the pod. The callback will look for the presence of environment variables to determine the correct local
      path for the token file.

      Acceptance Criteria

      Drivers add a "k8s" callback and test against all three environments.

            Assignee:
            steve.silvester@mongodb.com Steve Silvester
            Reporter:
            steve.silvester@mongodb.com Steve Silvester
            James Kovacs James Kovacs
            KeAna Moutra KeAna Moutra
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: