OCPSTRAT-2655 - Operator Certificate Audit for 4.22 Release
Type: Task
Resolution: Done
Priority: Major
Security & Compliance
A critical audit of certificate information for OpenShift operators is required following a recent GitLab incident. The platform-side audits are complete; what remains needs each operator team's cooperation to collect the data for the certificates it owns.
This is an action to ensure compliance and security across the OpenShift operator portfolio. The goal is to complete the audit by the end of 2025.
Required Certificate Details
Each operator team must audit and capture the following details for their certificates:
- System/User Managed: Whether the certificate is system or user managed (or both).
- Purpose: The function of the certificate.
- Duration: The total validity period.
- Rotation Automation: Whether automatic rotation is provided.
- Validity Timing: How long the certificate is valid for (e.g., 30 days, one year).
Action Item: Run Script and Submit Data
To simplify this process, Ramon Acedo Rodriguez has created a script to automate data collection.
1. Run the Script:
- Log into an installed cluster as kubeadmin.
- Run the script created by Ramon: [OpenShift Certificate Analyzer (Bash Script)](https://github.com/racedo/openshift-certificate-analyzer/tree/main/Bash%20Script)
2. Submit the Data:
- The script generates a CSV file containing all the necessary certificate information.
- Extract the rows for your specific operator(s) and insert them directly into the "layered operator inputs" spreadsheet.
Failure to provide this data will result in non-compliance for your operator.
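As an added illustration (this is not Ramon's script and not part of the original task), the following Go program shows how the two fields in the list above that live inside the certificate itself, Duration and Validity Timing, can be derived from a Kubernetes TLS secret's tls.crt and emitted as CSV rows of the kind the spreadsheet step expects. It handles the common case where tls.crt carries the leaf followed by its chain (one secret, several rows) and the expired case (negative days left). It builds a constructed leaf-plus-CA PEM bundle inline so it runs offline; the namespace, secret name, subject names and CSV column set are assumptions, not the audit script's actual output format. System/user ownership, purpose and rotation automation are not encoded in an X.509 certificate and still have to be filled in by the operator team.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/csv"
	"encoding/pem"
	"fmt"
	"io"
	"math/big"
	"os"
	"time"
)

// CertAuditRow holds the audit fields derivable from the certificate itself: the
// duration (ValidityDays) and validity timing (NotAfter, DaysLeft). Ownership,
// purpose and rotation automation are operator properties, not X.509 fields.
type CertAuditRow struct {
	Namespace, Secret, Subject string // Namespace/Secret are assumed labels
	IsCA                       bool
	NotBefore, NotAfter        time.Time
	ValidityDays, DaysLeft     int // whole days, truncated; DaysLeft <= 0 once past NotAfter
}

// ParseTLSCrt parses every CERTIFICATE block in a PEM bundle. A Kubernetes tls.crt
// often holds the leaf followed by its chain, so one secret can yield several rows.
func ParseTLSCrt(namespace, secret string, pemData []byte, now time.Time) ([]CertAuditRow, error) {
	var rows []CertAuditRow
	for block, rest := pem.Decode(pemData); block != nil; block, rest = pem.Decode(rest) {
		if block.Type != "CERTIFICATE" { // skip e.g. a key concatenated into the same file
			continue
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil, fmt.Errorf("%s/%s: %w", namespace, secret, err)
		}
		rows = append(rows, CertAuditRow{
			Namespace: namespace, Secret: secret, Subject: cert.Subject.String(), IsCA: cert.IsCA,
			NotBefore: cert.NotBefore, NotAfter: cert.NotAfter,
			ValidityDays: int(cert.NotAfter.Sub(cert.NotBefore).Hours() / 24),
			DaysLeft:     int(cert.NotAfter.Sub(now).Hours() / 24),
		})
	}
	if len(rows) == 0 {
		return nil, fmt.Errorf("%s/%s: no CERTIFICATE block found", namespace, secret)
	}
	return rows, nil
}

// WriteCSV emits the rows under a fixed header for pasting into the audit
// spreadsheet; the column set is an assumption, not the audit script's format.
func WriteCSV(w io.Writer, rows []CertAuditRow) error {
	cw := csv.NewWriter(w)
	cw.Write([]string{"namespace", "secret", "subject", "is_ca", "not_before", "not_after", "validity_days", "days_left"})
	for _, r := range rows {
		cw.Write([]string{r.Namespace, r.Secret, r.Subject, fmt.Sprint(r.IsCA), r.NotBefore.UTC().Format(time.RFC3339),
			r.NotAfter.UTC().Format(time.RFC3339), fmt.Sprint(r.ValidityDays), fmt.Sprint(r.DaysLeft)})
	}
	cw.Flush() // csv.Writer buffers; Error() reports any write failure after Flush
	return cw.Error()
}

// NewSelfSignedPEM builds a constructed fixture certificate (not taken from any
// cluster) so the parser runs offline; key usage is omitted because it does not
// affect the date fields audited here, and it panics because it is only a fixture.
func NewSelfSignedPEM(cn string, notBefore time.Time, validity time.Duration, isCA bool) []byte {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             notBefore,
		NotAfter:              notBefore.Add(validity),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		panic(err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	// Constructed bundle: a one-year leaf then a ten-year CA, as in a tls.crt that stores the chain.
	start := time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC)
	bundle := append(NewSelfSignedPEM("example-operator.openshift-example.svc", start, 365*24*time.Hour, false),
		NewSelfSignedPEM("example-operator-ca", start, 3650*24*time.Hour, true)...)
	rows, err := ParseTLSCrt("openshift-example", "example-operator-tls", bundle, time.Now())
	if err == nil {
		err = WriteCSV(os.Stdout, rows)
	}
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}
```

To point ParseTLSCrt at a real secret instead of the constructed bundle, feed it the decoded PEM from `oc get secret <name> -n <namespace> -o jsonpath='{.data.tls\.crt}' | base64 -d`; the CA rows matter because a CA's NotAfter caps the effective validity of every leaf it signs, whatever the leaf's own dates say.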