Uploaded image for project: 'OpenShift Builds'
  1. OpenShift Builds
  2. BUILD-1163

Feature gate for upstream Shipwright features

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • builds-1.3
    • shipwright
    • None
    • Feature gate upstream Shipwright features
    • False
    • None
    • False
    • Not Selected
    • In Progress
    • 0% To Do, 100% In Progress, 0% Done

      Epic Goal

      Provide a mechanism for new Shipwright "alpha" features to be disabled at the build controller level, and provide APIs for the operators (upstream Shipwright operator and Builds for OpenShift operator) to disable these features.

      Why is this important?

      Shipwright v0.14.0 is introducing a new "Vulnerability Scanning" feature: https://github.com/shipwright-io/build/issues/1394. This feature is currently opt-in at the Build/BuildRun level.

      This feature uses container images (aquasec/trivy) that we have not productized yet, nor are we ready to support this feature. We need a means to disable this at the cluster/install level.

      Ideally we work with the community to standardize feature gating, so future features can be introduced with minimal risk.

      User Stories

      1. As a cluster admin, I want Builds for OpenShift to disable the Vulnerability Scanning feature by default.
      2. As a cluster admin, I want to opt into enabling the Vulnerability Scanning feature at the cluster level.
      3. As a developer using Shipwright, I want to disable "alpha" features at the build controller level.
      4. As a developer using Shipwright, I want to disable "alpha" features through the Shipwright operator.

      Acceptance Criteria (Mandatory)

      • Builds for OpenShift disables "developer preview" features by default.
      • Builds for OpenShift provides a means for admins to enable a Developer Preview feature (Vuln Scanning by Trivy).
      • Documentation is provided on how to work with feature gates and enable developer preview items.
      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.

      Dependencies (internal and external)

      TBD

      Previous Work (Optional):

      TBD

      Open questions::

      TBD

      Done Checklist

      • Acceptance criteria are met
      • Non-functional properties of the Feature have been validated (such as performance, resource, UX, security or privacy aspects)
      • User Journey automation is delivered
      • Support and SRE teams are provided with enough skills to support the feature in production environment

              rh-ee-asatyam Ayush Satyam
              rh-ee-sabiswas Sayan Biswas
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: