Loading...

XML

Word

Printable

Type: Epic
Resolution: Done-Errata
Priority: Major
Fix Version/s: rhos-18.0.0
Affects Version/s: None
Component/s: nova-operator
Labels:
None

Epic Name:
[Compute] Build nova-operator correctly for OCP with FIPS enabled
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Parent Link:
OSPRH-787FIPS Support in OSO 18.0
Dev Approval:
Committed
Docs Approval:
No Docs Impact
Epic Status:
To Do
Feature Link:
OSPRH-787 - FIPS Support in OSO 18.0
Fixed in Build:
nova-operator-container-1.0.0-14
PM Approval:
Committed
QE Approval:
Committed
Hierarchy Progress Bar:

0% To Do, 0% In Progress, 100% Done
Release Note Type:
Release Note Not Required
Status Summary:

Hide

this is covered by the generic fips release note

Show
this is covered by the generic fips release note
Test Coverage:

Regression Only
Intelligence Requested:
Market:
Errata Link:
https://errata.engineering.redhat.com/advisory/135531

Release Blocker:
Approved

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

According to scan with check-payload tool nova-operator is not build properly for OCP with FIPS enabled. Scan results:

upstream image

+-------------------------+-----------------+------------------------------+-----------------------------------------------+

| OPERATOR NAME           | EXECUTABLE NAME | STATUS                       | IMAGE                                         |

+-------------------------+-----------------+------------------------------+-----------------------------------------------+

|                         |                 | openssl library not present  | quay.io/openstack-k8s-operators/nova-operator |

| nova-operator-container | /manager        | go binary is not CGO_ENABLED | quay.io/openstack-k8s-operators/nova-operator |

+-------------------------+-----------------+------------------------------+-----------------------------------------------+

downstream image

+-------------------------+-----------------+------------------------------+------------------------------------------------------------------+

| OPERATOR NAME           | EXECUTABLE NAME | STATUS                       | IMAGE                                                            |

+-------------------------+-----------------+------------------------------+------------------------------------------------------------------+

| nova-operator-container | /manager        | go binary is not CGO_ENABLED | registry.redhat.io/rhosp-dev-preview/nova-rhel9-operator:0.1.2-6 |

+-------------------------+-----------------+------------------------------+------------------------------------------------------------------+

links to

openstack-k8s-operators/nova-operator#645: update container images for fips

RHBA-2024:135531 OpenStack Operators

mentioned on

Merge request - Updated US source to: 77c7b67 update contaienr images for fips

Assignee:: Sean Mooney

Reporter:: Slawomir Kaplonski

Need Info From:: JP Jung

QA Contact:: Jason Grosso

Team:: rhos-dfg-compute

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2024/01/10 1:36 PM

Updated:: 2024/08/21 5:47 PM

Resolved:: 2024/08/13 3:38 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

PagerDuty