So we can have processes query the users outside the Pod usernamespace, like we do in normal Toolforge.
Example use case:
- jobs-api is creating a new job
- to create a proper securityContext specification, it queries what the uid is for the user creating the job
- it does so by hitting the sssd socket mounted into the pod, from the worker node
- the worker node has knowledge of all the defined tool accounts, via LDAP (production) or unix files (lima-kilo)
This task is to track the work to enable this.