Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-754

[Phase 1] 3 components to dog food ACS for security best practices conformance testing

    XMLWordPrintable

Details

    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-704Dog food ACS to test for security best practices across the OpenShift portfolio
    • 50
    • 50% 50%
    • 0
    • 0

    Description

      1. Establish the practice for Red Hat OpenShift component to be tested against ACS OOTB security violations on an ongoing basis. Violations would be analyzed by component owners and either:
          1. Found as justified:  owner would submit a request to the ACS team identifying the component, the violation , and describing why the violation is justified. It would then be made hidden by the ACS team in a subsequent release.
          2. Identified as a security flaw and added to the component backlog for prioritization. A request may be submitted to ACS to temporarily hide the violation, explaining why it is a low security risk and therefore a low priority.
      2. As part of this process, establish a method to uniquely identify the Red Hat component in a way that is independent of customer environments (specifically, customers may change namespace names, and may deploy their own components into RH predefined namespaces). As an example, we can evaluate using unique labels or annotations. 

      Attachments

        Issue Links

          clones

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-788 Improve Cloud Credentials Operator (CCO) and Hive security posture

          • Critical - To be worked on immediately following BLOCKER issues.
          • New
          is cloned by

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. CCO-415 CCO to dog food ACS for security best practices confomance testing

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • New

          Activity

            People

              bmichael@redhat.com Boaz Michaely
              julim Ju Lim
              Stephanie Stout Stephanie Stout
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: