  1. OpenShift Node
  2. OCPNODE-2018

Add OCI referrers support to containers/image


    • Epic
    • Resolution: Unresolved
    • Normal
    • BU Product Work
    • To Do
    • OCPSTRAT-1453 - Tech P : Re-validation of sigstore signed image at cluster level
    • 100% To Do, 0% In Progress, 0% Done
    • XL

      OCP/Telco Definition of Done
      Epic Template descriptions and documentation.

       

      Epic Goal

      • Add support for pushing and fetching related artifacts through the OCI referrers API in containers/image, so that signatures and other artifacts pushed through that mechanism can be fetched and validated.

      Why is this important?

      • This is important so that clients that push signatures through the referrers API can still have their images validated.
      • The feature is mainly driven by how cosign uses it (see https://github.com/sigstore/cosign/pull/2684), and we want to maintain parity with cosign.

      Scenarios

      1. A user pushes a signature for an image through the referrers API and is able to fetch it for validation.
      2. A user pushes any artifact to a registry and refers to it from an image using a custom artifactType.
        • The artifactType will be used by CRI-O to process the additional data by either:
          • Having internal logic to handle the data, for example seccomp profiles attached to container images
          • Having third-party plugins in CRI-O process the data.
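To illustrate scenario 2, the following added example (not code from containers/image or CRI-O) selects referrers of one artifactType from a referrers API response, which is an OCI image index. `SelectReferrers`, `Descriptor`, the sample response and both artifactType values are assumptions made up for this sketch.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// Descriptor holds the two OCI descriptor fields this example needs.
type Descriptor struct {
	ArtifactType string `json:"artifactType"`
	Digest       string `json:"digest"`
}

var digestRE = regexp.MustCompile(`^(sha256:[a-f0-9]{64}|sha512:[a-f0-9]{128})$`)

// Constructed referrers response; both artifactType values are made up.
var sampleIndex = fmt.Sprintf(`{"schemaVersion":2,"manifests":[
 {"artifactType":"application/vnd.example.signature.v1+json","digest":"sha256:%s"},
 {"artifactType":"application/vnd.example.seccomp.v1+json","digest":"sha256:%s"}]}`,
	strings.Repeat("a", 64), strings.Repeat("b", 64))

// SelectReferrers returns the referrers of one artifactType. It filters on the
// client side, since a registry may ignore the artifactType query parameter.
func SelectReferrers(body []byte, artifactType string) ([]Descriptor, error) {
	var idx struct {
		Manifests []Descriptor `json:"manifests"`
	}
	if err := json.Unmarshal(body, &idx); err != nil {
		return nil, fmt.Errorf("parsing referrers index: %w", err)
	}
	var out []Descriptor
	for _, d := range idx.Manifests {
		if d.ArtifactType != artifactType {
			continue
		}
		// The list is untrusted input: accept only well-formed digests, so
		// the referenced manifest can be fetched and verified by digest.
		if !digestRE.MatchString(d.Digest) {
			return nil, fmt.Errorf("malformed referrer digest %q", d.Digest)
		}
		out = append(out, d)
	}
	return out, nil
}

func main() {
	fmt.Println(SelectReferrers([]byte(sampleIndex), "application/vnd.example.seccomp.v1+json"))
}
```

A consumer would then fetch each returned manifest by digest and hand it to whichever handler is registered for that artifactType.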

      Acceptance Criteria

      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.

      Dependencies (internal and external)

      1. ...

      Previous Work (Optional):

      Open questions:

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

              sgrunert@redhat.com Sascha Grunert
              mpatel1@redhat.com Mrunal Patel
              Min Li