Unblocking and closing since when it comes to DCM, certificate approval is implemented.

Set to blocked by .

Unblocking this story as I support Ritu on the implementation of rsync-side certificate approval () - more specifically, obtaining the CA-signed user cert from the k8s API.

New story is tracking the rsync gap.

Neither rsync, nor the library it uses for accessing k8s (klient) support updating subresources (needed for certificate approval - resource=csr; subresource=approval or status). Extensive changes and further investigation is expected to get the certificate approval to work. These new changes will be done outside of DCM, where the bulk of the work will be. In terms of DCM itself, part of the changes have already been done: the part where a certificate approval request is sent from DCM to rsync. The other part that will have to be done is making rsync return the signed csr back to DCM and having DCM save that in the DB and generate the kubeconfig (this last piece already has its story, ).

I'll thus create a separate story to address rsync/klient's gaps in order to unblock DCM work.