Uploaded image for project: 'OpenShift Builds'
  1. OpenShift Builds
  2. BUILD-864

Shared Resources: Deploy on HyperShift, promote to GA


    • Icon: Epic Epic
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • None
    • shipwright
    • Shared Resources: Deploy on Hypershift, promote to GA
    • False
    • False
    • Done
    • OCPSTRAT-201 - Enable sharing ConfigMaps and Secrets across namespaces [GA]
    • OCPSTRAT-201Enable sharing ConfigMaps and Secrets across namespaces [GA]
    • 25% To Do, 0% In Progress, 75% Done

      OCP/Telco Definition of Done
      Epic Template descriptions and documentation.

      <--- Cut-n-Paste the entire contents of this description into your new Epic --->

      Epic Goal

      • Ensure Shared Resources properly deploys on hypershift based OCP per prior art for items managed by cluster storage operator

      Why is this important?

      • In order to promote from¬† tech preview to GA, shared resources need to properly deploy on hypershift


      1. As a developer, I want to consume shared Secrets and ConfigMaps in my workloads so that I can have access to shared credentials and configuration.
      2. As a cluster admin, I want the Insights operator to automatically create a SharedSecret for my cluster's simple content access certificate.
      3. As a cluster admin/SRE, I want OpenShift to use SharedConfigMaps to distribute cluster certificate authorities so that data is not duplicated in ConfigMaps across my cluster.

      Acceptance Criteria

      • Pods must have readOnly: true set to use the shared resource CSI Driver - admission should be rejected if this is not set.
      • Documentation updated to reflect this requirement.
      • Users (admins?) are not allowed to create SharedSecrets or SharedConfigMaps with the "openshift-" prefix.

      Dependencies (internal and external)

      1. Guidance / review / approval from OCP SMEs in hypershift/storage
      2. Arch review for the enhancement proposal (Apiserver/control plane team)

      Previous Work (Optional):

      1. BUILD-293 - Shared Resources tech preview

      Open questions::


      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

            gmontero@redhat.com Gabe Montero
            gmontero@redhat.com Gabe Montero
            0 Vote for this issue
            2 Start watching this issue