Bug 2231489

Summary: JWT ID in Call Home Agent
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Chris Blum <cblum>
Component: Ceph-Mgr PluginsAssignee: Juan Miguel Olmo <jolmomar>
Ceph-Mgr Plugins sub component: status QA Contact: Sayalee <saraut>
Status: MODIFIED --- Docs Contact: ceph-docs <ceph-docs>
Severity: high    
Priority: unspecified CC: amctagga, yhatuka
Version: 7.0   
Target Milestone: ---   
Target Release: 7.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chris Blum 2023-08-11 17:15:15 UTC 
Description of problem:
In order to use the downstream product, the customer needs to provide a "pull secret" also known as entitlement keys in IBM. This is configured during the installation of the Ceph cluster.
When installing IBM Storage Ceph, this results in a pull secret configured for registry cp.icr.io/cp with username cp. The password is a base64 "encrypted" JWT. Inside of this JWT is a key named "jti" which is the JWT ID.
We want to fetch this JWT ID from the ceph config store and send it with the Call Home data in order to try to identify the customer that this cluster belongs to.

Version-Release number of selected component (if applicable):
7.0 pre-release

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

One can apparently dump the pull secret like this:
ceph config-key dump mgr/cephadm/registry_credentials
Comment 7 Juan Miguel Olmo 2023-08-14 13:01:47 UTC 
https://github.ibm.com/ceph/ceph/pull/19