Auto-subscribe RHEL VMs using the Developer Suite subscription
Submitted by Debarshi Ray
In bug 786679, we added the ability to install RHEL virtual machines from Red Hat's developer portal. These VMs are eligible to use the gratis Developer Suite subscription. It will be nice if they would be automatically enrolled with Red Hat's subscription management service upon installation.
We need a way to securely wire the user's credentials that are entered in the embedded WebView to the post installation phase of the express installation.
A Spice channel for the keyring which would allow the host to expose its keyring to the guests? (some spice dev could drop a comment clarifying the feasibility of it)
A key exchange throughout the webdav channel (guest's agent generates a pair, passes its public key to the host which encrypts the authentication data and passes it back to the guest to feed it to the subscription-manager cli).
Wondering if https://libvirt.org/formatsecret.html could be leveraged to pass this data to the guest? The kickstart file could be put in an encrypted qcow2 volume with an 'ephemeral' secret (assuming the guest being able to access the unencrypted text file is not an issue).