Auto Enrollment Secrets Add should be part of the script #161

Open
tzheleznyak opened this issue Nov 29, 2020 · 3 comments


tzheleznyak commented Nov 29, 2020

All of the part here about adding secrets from k8s/OpenShift to the DAP master
https://docs.cyberark.com/Product-Doc/OnlineHelp/AAM-DAP/Latest/en/Content/Integrations/ConjurDeployFollowers.htm?tocpath=Setup%7CConfigure%20DAP%20Followers%7C_____2#ConfigureDAPforautoenrollmentofFollowers

Should be done as part of the script and not manually by the user

Motivation:
Currently, the user who runs the KCD in order to deploy just a follower to an existing DAP master should store K8S/OCP tokens in the master node so that the master and follower can authenticate each other and start replicating. Even if these are the commands the user needs to run, I think adding them to the script could be a good idea, so a user will just clone the repo, configure his env variables in bootstrap, and run it.

In addition, if `STOP_RUNNING_ENV=TRUE` and the user runs the script for a second time on a cluster with the same k8s namespace as the user gave, it will override the secrets in k8s/OCP, and the secret in the DAP master will be different from the follower's k8s secret, so the communication will fail. So if, after the script creates a new secret, it stores it in the DAP master, the script users won't need to face this problem.

@doodlesbykumbi
Contributor

Hi @tzheleznyak. Thanks for adding this issue. The motivation behind this issue isn't immediately obvious to me. Would you mind adding it to the description, please? I think doing so would allow anyone else who might come across the issue to better understand the issue.

@tzheleznyak
Author

> Hi @tzheleznyak. Thanks for adding this issue. The motivation behind this issue isn't immediately obvious to me. Would you mind adding it to the description, please? I think doing so would allow anyone else who might come across the issue to better understand the issue.

Added motivation section

@doodlesbykumbi
Contributor

@tzheleznyak Thank you
