-
Feature
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
None
-
BU Product Work
-
False
-
-
False
-
100% To Do, 0% In Progress, 0% Done
-
L
-
0
Feature Overview (aka. Goal Summary)
This Jira card is a placeholder for the work that will be required for service-ca to align its root CA functionality to the best practices to comply with the requirements of the EU Cyber Resilience Act (CRA).
Note: Analysis is still in progress, and the Jira card will be updated with more information. Analysis includes
- Using cert-manager as an external root CA provider
- Ability to request a rolling certificate rotation
Goals (aka. expected user outcomes)
Users in the EU covered by the CRA regulation should have an OCP out-of-the-box/native declarative mode to comply with the various requirements and best practices organizations define to comply with CRA.
Requirements (aka. Acceptance Criteria):
Preliminary requirements (under investigation):
- Using cert-manager as an external root CA provider
- Ability to request a rolling certificate rotation
Anyone reviewing this Feature needs to know which deployment configurations that the Feature will apply to (or not) once it's been completed. Describe specific needs (or indicate N/A) for each of the following deployment scenarios. For specific configurations that are out-of-scope for a given release, ensure you provide the OCPSTRAT (for the future to be supported configuration) as well.
| Deployment considerations | List applicable specific needs (N/A = not applicable) |
| Self-managed, managed, or both | both |
| Classic (standalone cluster) | yes |
| Hosted control planes | n/a |
| Multi node, Compact (three node), or Single node (SNO), or all | all |
| Connected / Restricted Network | both |
| Architectures, e.g. x86_x64, ARM (aarch64), IBM Power (ppc64le), and IBM Z (s390x) | all |
| Operator compatibility | n/a |
| Backport needed (list applicable versions) | n/a |
| UI need (e.g. OpenShift Console, dynamic plugin, OCM) | n/a |
| Other (please specify) | n/a |
Use Cases (Optional):
Include use case diagrams, main success scenarios, alternative flow scenarios. Initial completion during Refinement status.
<your text here>
Questions to Answer (Optional):
Include a list of refinement / architectural questions that may need to be answered before coding can begin. Initial completion during Refinement status.
<your text here>
Out of Scope
High-level list of items that are out of scope. Initial completion during Refinement status.
<your text here>
Background
Provide any additional context is needed to frame the feature. Initial completion during Refinement status.
<your text here>
Customer Considerations
Provide any additional customer-specific considerations that must be made when designing and delivering the Feature. Initial completion during Refinement status.
<your text here>
Documentation Considerations
Provide information that needs to be considered and planned so that documentation will meet customer needs. If the feature extends existing functionality, provide a link to its current documentation. Initial completion during Refinement status.
<your text here>
Interoperability Considerations
Which other projects, including ROSA/OSD/ARO, and versions in our portfolio does this feature impact? What interoperability test scenarios should be factored by the layered products? Initial completion during Refinement status.
<your text here>
