-
Feature
-
Resolution: Unresolved
-
Major
-
None
-
None
-
Strategic Product Work
-
False
-
-
False
-
OCPSTRAT-704Dog food ACS to test for security best practices across the OpenShift portfolio
-
50% To Do, 0% In Progress, 50% Done
-
0
1. Establish the practice for Red Hat OpenShift component to be tested against ACS OOTB security violations on an ongoing basis. Violations would be analyzed by component owners and either:
1. Found as justified: owner would submit a request to the ACS team identifying the component, the violation , and describing why the violation is justified. It would then be made hidden by the ACS team in a subsequent release.
2. Identified as a security flaw and added to the component backlog for prioritization. A request may be submitted to ACS to temporarily hide the violation, explaining why it is a low security risk and therefore a low priority.
2. As part of this process, establish a method to uniquely identify the Red Hat component in a way that is independent of customer environments (specifically, customers may change namespace names, and may deploy their own components into RH predefined namespaces). As an example, we can evaluate using unique labels or annotations.
- clones
-
OCPSTRAT-788 Improve Cloud Credentials Operator (CCO) and Hive security posture
- New
- is cloned by
-
CCO-415 CCO to dog food ACS for security best practices confomance testing
- New