XML

Word

Printable

Type: Story
Resolution: Done
Priority: Major
Fix Version/s: 1.16.0
Affects Version/s: None
Component/s: ArgoCD
Labels:
- 2025Q1
- release-note-item

Story Points:
1
Epic Link:
FIPS enablement : Enable FIPS compliant build for GitOps Components
Blocked:
False
Blocked Reason:
None
Ready:
False
Feature Link:
SECFLOWOTL-108 - FIPS Support - GitOps
Git Pull Request:
https://gitlab.cee.redhat.com/gitops-cpaas-midstream/gitops-midstream-repos/-/merge_requests/1988
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Epic Goal

Make the GitOps Operator Bundle image for RHEL 8, from CPaaS and Konflux CI systems, FIPS compliant

Technical Work

In the midstream repo, edit the render_templates.in script, to make changes for setting the annotation "features.operators.openshift.io/fips-compliant" to "true" as below
```
features.operators.openshift.io/fips-compliant: "true"
```

Acceptance Criteria

Use the new check tool to scan images
https://github.com/openshift/check-payload : Checks CGO_ENABLED=1 , presence of openssl, strictfipsruntime tag, no_openssl tag, dynamic linking
All existing acceptance tests should pass when run against an OCP cluster with FIPS enabled.
All existing acceptance tests should pass when run against an OCP cluster with FIPS enabled.

Assignee:: Anand Francis Joseph

Reporter:: Anand Francis Joseph

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/12/09 1:52 PM

Updated:: 2025/03/07 10:28 AM

Resolved:: 2025/02/19 2:40 PM

Details

Description

Epic Goal

Technical Work

Acceptance Criteria

Attachments

Easy Agile Planning Poker

Activity

People

Dates