Uploaded image for project: 'OpenShift CFE'
  1. OpenShift CFE
  2. CFE-248

As a security/dev engineer I want to audit and implement the Node Observability Operator so that it complies with “least privilege” when deployed

XMLWordPrintable

    • CFE Sprint 216, CFE Sprint 217, CFE Sprint 218

      Acceptance Criteria

      • Documentation written and findings shared with the team
      • User stories descriptions updated if necessary
      • Security sign off (pre and post audit)

      Tasks

      • Security team to report their findings
      • Dev team to implement the report findings from the security audit

          1.
          		 As a developer I want to fix the static code analysis threats in the operator Sub-task Closed Undefined Luigi Mario Zuccarelli
          2.
          		 As a developer, I want to validate TLS certificate when making HTTP call to Kubelet Sub-task Closed Undefined Sherine Khoury
          3.
          		 [R&D] As a developer I need to investigate the use of a custom SCC with a custom selinux setting so that the use of privileged containers could be mitigated Sub-task Closed Undefined Sherine Khoury
          4.
          		 As an admin I want communication between Operator and Agent secure Sub-task Closed Undefined Josef Karasek (Inactive)
          5.
          		 As a developer, I want to use a more secure builder image for the agent and the operator Sub-task Closed Undefined Thejas N (Inactive)
          6.
          		 As a developer, I want to used fixed tags as source images for the operator and agent container images Sub-task Closed Undefined Thejas N (Inactive)
          7.
          		 As an operator designer, I want to make sure RBAC is restricted to the minimum necessary Sub-task Closed Undefined Thejas N (Inactive)

              skhoury@redhat.com Sherine Khoury
              luzuccar@redhat.com Luigi Mario Zuccarelli
              Thejas N (Inactive)
              Sherine Khoury
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days
                  2d