paf91 commented on PR #10266: URL: https://github.com/apache/ozone/pull/10266#issuecomment-4452736564
> btw personally I really like this proposal because this make ozone more usable for modern cloud environment. actually I was trying to design this this morning haha Thanks, that is exactly the motivation: make Ozone STS usable in OIDC/cloud-native environments while keeping Ranger/Ozone authorizer as the PDP. I can split it if you think that would make review easier.. The split would be like: 1. OIDC/JWKS + config + design doc 2. `AssumeRoleWithWebIdentity` runtime 3. E2E + Keycloak IT + docs + compose smoke test My preference is to keep this PR together for now (I am lazy haha), since the pieces are connected already and the current PR already shows the full MVP flow end-to-end. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
