Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
- cfe-plan
- cfeplan

Story Points:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
Support for FIPS compliant cert-manager operator
Intelligence Requested:
Market:

Sprint:
CFE Sprint 253, CFE Sprint 254

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Changes in golang build commands and probably Dockerfile(s) to ensure FIPS compliant builds could be generated, refer to FIPS workshop slide deck, https://docs.google.com/presentation/d/1o3IowxHX6BsnxGkIInaQ0lBgnn_K5Ex8jxwCYCeNsqs/edit#slide=id.g2679cb578c3_0_17

Primary changes include:

CGO_ENABLED=1
openssl, strictfipsruntime tag, no_openssl tag, dynamic linking
enable "FIPS_ENABLED=true" env var in CI e2e(s) (refer eg. https://github.com/openshift/release/blob/901a218cb1d1b94ac9d47055c92793ca0c8448fe/ci-operator/config/openshift/kubernetes/openshift-kubernetes-master.yaml#L445-L456 )

links to

openshift/cert-manager-operator#185: CM-333: Go build(s) with strictfipsruntime

openshift/release#51700: CM-333,CM-285,CM-335: [o/cert-manager-operator] FIPS e2e for cert-manager 1.14

RHEA-2024:128547 cert-manager Operator for Red Hat OpenShift 1.14.0

mentioned on

Merge request - Updated 2 upstream sources

Assignee:: Swarup Ghosh

Reporter:: Swarup Ghosh

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2024/04/23 10:41 AM

Updated:: 2024/07/08 9:41 AM

Resolved:: 2024/05/30 1:10 PM