Bug 2231489 - JWT ID in Call Home Agent
Summary: JWT ID in Call Home Agent
Keywords:
Status: MODIFIED
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Ceph-Mgr Plugins
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 7.1
Assignee: Juan Miguel Olmo
QA Contact: Sayalee
ceph-docs@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-08-11 17:15 UTC by Chris Blum
Modified: 2023-08-17 09:18 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHCEPH-7203 0 None None None 2023-08-11 17:15:51 UTC

Description Chris Blum 2023-08-11 17:15:15 UTC 
Description of problem:
In order to use the downstream product, the customer needs to provide a "pull secret" also known as entitlement keys in IBM. This is configured during the installation of the Ceph cluster.
When installing IBM Storage Ceph, this results in a pull secret configured for registry cp.icr.io/cp with username cp. The password is a base64 "encrypted" JWT. Inside of this JWT is a key named "jti" which is the JWT ID.
We want to fetch this JWT ID from the ceph config store and send it with the Call Home data in order to try to identify the customer that this cluster belongs to.

Version-Release number of selected component (if applicable):
7.0 pre-release

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

One can apparently dump the pull secret like this:
ceph config-key dump mgr/cephadm/registry_credentials
Comment 7 Juan Miguel Olmo 2023-08-14 13:01:47 UTC 
https://github.ibm.com/ceph/ceph/pull/19
Note You need to log in before you can comment on or make changes to this bug.