-
Epic
-
Resolution: Done
-
Major
-
None
-
None
-
Serve release image signatures from Cincinnati for disconnected environments (Phase-1)
-
False
-
None
-
False
-
Not Selected
-
To Do
-
OCPSTRAT-479 - OSUS improvements(phase 1)
-
-
0% To Do, 0% In Progress, 100% Done
Epic Goal*
Serving OpenShift release signatures via Cincinnati.
Why is this important? (mandatory)
Serving OpenShift release signatures via Cincinnati would allow us to have a single service for update related metadata, namely a Cincinnati deployment on the local network, which the CVO will be configured to poll. This would make restricted/disconnected-network updates easier, by reducing the amount of pre-update cluster adjustments (no more need to create signature ConfigMaps in each cluster being updated).
Scenarios (mandatory)
Current customer workflows like signature ConfigMap creation and ConfigMap application would no longer be required. Instead, cluster-version operators in restricted/disconnected-networks could fetch the signature data from the local OpenShift Update Service (Cincinnati).
Dependencies (internal and external) (mandatory)
The oc-mirror team will need to review/approve oc-mirror changes to take advantage of the new functionality for customers using oc-mirror workflows.
Contributing Teams(and contacts) (mandatory)
Our expectation is that teams would modify the list below to fit the epic. Some epics may not need all the default groups but what is included here should accurately reflect who will be involved in delivering the epic.
- Development -
- Documentation -
- QE -
- PX -
- Others -
Acceptance Criteria (optional)
Restricted/disconnected-network updates work via oc-mirror and a local OpenShift
Update Service, without QE needing to touch signature ConfigMaps.
Drawbacks or Risk (optional)
- The expected audience of restricted/disconnected-network clusters is small, but also hard to estimate.
- Applying a signature ConfigMap is one of possibly several steps in the mirroring/update process, so increased automation for this step may not significantly reduce the overall effort of the update process.
- Maybe eventually signatures will become part of native container images and be stored in container image registries, in which case Cincinnati signature handling will become obsolete.
Done - Checklist (mandatory)
The following points apply to all epics and are what the OpenShift team believes are the minimum set of criteria that epics should meet for us to consider them potentially shippable. We request that epic owners modify this list to reflect the work to be completed in order to produce something that is potentially shippable.
- CI Testing - Tests are merged and completing successfully
- Documentation - Content development is complete.
- QE - Test scenarios are written and executed successfully.
- Technical Enablement - Slides are complete (if requested by PLM)
- Other
