-
Epic
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
MULTIARCH Power - Switch Red Hat operators and layered product base images to UBI Minimal
-
To Do
-
Quality / Stability / Reliability
-
False
-
-
False
-
Not Selected
-
-
None
-
None
With OCPSTRAT-2553, Red Hat OpenShift 4.21 aims to reduce the number of CVEs reported in Red Hat operator and layered product container images by lowering the package count shipping in the base image.
Maintainers must update Dockerfile/Containerfile to switch to UBI 9.7 minimal (or newer) as the base image - registry.redhat.io/ubi9/ubi-minimal. The support for versionmed UBI base image support ends when there is a new minor version (e.g. 9.8) available, so teams are also responsible for keeping up with base image updates and should preferably consume the ubi9-minimal:latest tag.
As part of switching to UBI minimal base images, teams will need to switch from installing any RPM content with dnf to microdnf, which should provide similar features. Teams will also need to ensure that all runtime dependencies, if any, are met if they were previously implicitly installed in the base image.
For the multi-arch compute team, we are maintainers of:
- ibm-powervs-block-csi-driver
- ibm-powervs-block-csi-driver-operator
- cloud-provider-powervs
- machine-api-provider-powervs
- cluster-api-provider-ibmcloud
- machine-api-provider-ibmcloud
Tasks for Each Operator
- Switch Base Image
- Replace Package Manager
- Enable Repositories (If Needed)
References
- is related to
-
OCPSTRAT-2553 Switch Red Hat operators and layered product base images to UBI Minimal
-
- In Progress
-
- links to
