Uploaded image for project: 'OpenShift Builds'
  1. OpenShift Builds
  2. BUILD-1302

FIPS Support

XMLWordPrintable

    • FIPS Support
    • False
    • None
    • False
    • Not Selected
    • To Do
    • 100% To Do, 0% In Progress, 0% Done

      Epic Goal

      Enable compliant deployment of Builds on a FIPS-enabled OpenShift

      More details:

      Note: Builds for OpenShift cannot claim FIPS support until OpenShift Pipelines can support FIPS environments

      Why is this important?

      By Jan 31, 2025 all OpenShift layered products should be FIPS compliant and comply for consumption within FedRamp

      Acceptance Criteria (Mandatory)

      • Builds on OpenShift is FIPS compliant:
        • Konflux static checks verify container image compliance
        • Ideally, Konflux-driven CI verifies builds function correctly on FIPS-enabled clusters. Manual testing on FIPS clusters acceptable.
      • Release Technical Enablement - Provide necessary release enablement details and documents.

      Dependencies (internal and external)

      • s2i: FIPS support BUILD-1166
      • buildah: FIPS support (based on issues like RHELPLAN-37190)
      • Go toolset support for FIPS
      • UBI 9 support for FIPS

      Previous Work (Optional):

      NA

      Open questions::

      None

      Done Checklist

      • Acceptance criteria are met
      • Non-functional properties of the Feature have been validated (such as performance, resource, UX, security or privacy aspects)
      • User Journey automation is delivered
      • Support and SRE teams are provided with enough skills to support the feature in production environment

              rh-ee-asatyam Ayush Satyam
              rh-ee-ssadeghi Siamak Sadeghianfar
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: