Loading...

XML

Word

Printable

Details

Type: Story
Resolution: Done
Priority: Normal
Fix Version/s: quay-v3.7.5
Affects Version/s: None
Component/s: container-security-operator
Labels:
- container-security-operator
- triaged

Story Points:
5
Blocked:
False
Ready:
False
Epic Link:
CSO disconnected support
Product:
Quay Enterprise
Release Note Text:
Undefined
Git Pull Request:
https://github.com/quay/container-security-operator/pull/69

RICE Score:
0

Target Version:

quay-v3.7.5

SFDC Cases Links:
SFDC Cases Counter:

Description

Users who are working in a disconnected environment do not have direct access to Quay.io and therefore the CSO cannot pull security information for images in the cluster. We should allow users to define proxy variables for their cluster in the pod deployment or use cluster wide proxy settings.

NOTES

Proxies can be set by editing the Subscription
What happens with this customized Subscription upon operator upgrade ? (does it preserve?)
How do we mount the proxy CAs
For further reference on Subscription customization: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.3/html/operators/olm-configuring-proxy-support

ACCEPTANCE CRITERIA

If cluster has global proxy configured, they are used by CSO (including proxies that require certs)
Users can overwrite the proxy configuration (environment variables)
Proxies certs can be provided if necessary (if not set globally)

Attachments

Issue Links

mentioned on

Merge request - Updated US source to: 012e155 proxy: mount cluster trusted ca (PROJQUAY-2153) (#74)

Merge request - Updated US source to: 41fea7c Merge pull request #69 from ricardomaraschini/PROJQUAY-2153

Sub-Tasks

QE Tracker

Closed

Dongbo Yan

Activity

People

Assignee:: Ricardo Maraschini (Inactive)

Reporter:: Ivan Bazulic

Votes:: 1 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Created:: 2021/06/21 7:59 AM

Updated:: 2022/08/02 12:27 PM

Resolved:: 2022/08/02 4:43 AM