Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-735

Decouple OpenShift Installer from release payload


    • False
    • Hide


    • False
    • OCPSTRAT-911[Outcome] De-risk Terraform dependency in Installer
    • 67% To Do, 0% In Progress, 33% Done
    • L
    • 0
    • Backlog Refinement

      Feature Overview (aka. Goal Summary)  

      Decouple OpenShift Installer from the release payload so the latest patch version of the Installer can deploy any patch OpenShift release in the minor version.

      Goals (aka. expected user outcomes)

      As a user, I want to be able to use the latest binary available for the OpenShift Installer to deploy any previous Z patch release of OpenShift for the matched minor version.

      Requirements (aka. Acceptance Criteria):

      The latest 'openshift-install' can install any z-stream of its matched X.Y version.


      Use Cases (Optional):

      1. There's a CVE in openshift-install codebase fixed in 4.12.25 but a need to continue installing 4.12.20 without potentially executing vulnerable code
      2. There's a known incompatibility between 4.12.25+ installer and < 4.12.10, therefore 4.12.25 should error out if asked to install versions < 4.12.10 because they're specifically known to be incompatible.


      • Decouples fix delivery from the version of the product being installed
        • Fixes for CVEs in openshift-installer code itself
        • Defect fixes for code in openshift-installer
      • Also allows the latest builds of the installer image to install older versions of the product without that image being flagged for including a vulnerable package (ie: glibc or openssl rpms in the image)

      Implementation Considerations

      It is possible the Terraform changes will impact this. How much is not known until more implementation details are known.

      Documentation Considerations

      Usual documentation will be required to instruct the user on how to use this feature.

            mak.redhat.com Marcos Entenza Garcia
            mak.redhat.com Marcos Entenza Garcia
            Jianwei Hou Jianwei Hou
            Stephanie Stout Stephanie Stout
            0 Vote for this issue
            10 Start watching this issue