Loading...

XML

Word

Printable

Type: Epic
Resolution: Done
Priority: Major
Fix Version/s: rhos-18.0.0
Affects Version/s: None
Component/s: nova-operator
Labels:
None

Epic Name:
[Compute] Build nova-operator correctly for OCP with FIPS enabled
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Parent Link:
OSPRH-787FIPS Support in OSO 18.0
Dev Approval:
Committed
Docs Approval:
No Docs Impact
Epic Status:
To Do
Feature Link:
OSPRH-787 - FIPS Support in OSO 18.0
PM Approval:
Committed
QE Approval:
Committed
Hierarchy Progress Bar:

0% To Do, 0% In Progress, 100% Done
Intelligence Requested:
Market:

Workstream:

Compute

Release Blocker:
Approved

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

According to scan with check-payload tool nova-operator is not build properly for OCP with FIPS enabled. Scan results:

upstream image

+-------------------------+-----------------+------------------------------+-----------------------------------------------+

| OPERATOR NAME           | EXECUTABLE NAME | STATUS                       | IMAGE                                         |

+-------------------------+-----------------+------------------------------+-----------------------------------------------+

|                         |                 | openssl library not present  | quay.io/openstack-k8s-operators/nova-operator |

| nova-operator-container | /manager        | go binary is not CGO_ENABLED | quay.io/openstack-k8s-operators/nova-operator |

+-------------------------+-----------------+------------------------------+-----------------------------------------------+

downstream image

+-------------------------+-----------------+------------------------------+------------------------------------------------------------------+

| OPERATOR NAME           | EXECUTABLE NAME | STATUS                       | IMAGE                                                            |

+-------------------------+-----------------+------------------------------+------------------------------------------------------------------+

| nova-operator-container | /manager        | go binary is not CGO_ENABLED | registry.redhat.io/rhosp-dev-preview/nova-rhel9-operator:0.1.2-6 |

+-------------------------+-----------------+------------------------------+------------------------------------------------------------------+

links to

openstack-k8s-operators/nova-operator#645: update container images for fips

mentioned on

Merge request - Updated US source to: 77c7b67 update contaienr images for fips

Assignee:: Sean Mooney

Reporter:: Slawomir Kaplonski

Need Info From:: JP Jung

QA Contact:: Jason Grosso

Team:: rhos-dfg-compute

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2024/01/10 1:36 PM

Updated:: 2024/05/29 12:33 PM

Resolved:: 2024/05/29 12:33 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates

PagerDuty