Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Insights - Advisor, Installation
Labels:
None

Blocked:
False
GitHub Issue:
https://github.com/theforeman/puppet-iop/pull/92
AssignedTeam:
sat-proton

Release Note Type:
None
Release Note Text:
None
Release Note Status:
None

PX Impact Score:
SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Test Coverage:
None

Market:

Implementation of Feature Request SAT-42077 to add explicit mount options (rw/ro) to quadlet .container files for BSI SYS 1.6 A19 compliance.h2. Goal
Update all quadlet .container files to explicitly declare volume mount permissions to meet compliance framework requirements.

Acceptance Criteria

All quadlet .container files have explicit mount options specified (e.g., :rw or :ro)
Specifically update iop-core-kafka and iop-service-vmaas configurations that currently lack explicit mount options
No functional changes to existing behavior
All volume mounts maintain their intended read/write permissions

Implementation Notes

From Feature Request analysis:

Current state: Some volume declarations like 'iop-core-kafka-data:/var/lib/kafka/data' and 'iop-service-vmaas-data:/data' lack explicit permissions
Required: Add appropriate :rw or :ro suffix to all volume mount declarations
Compliance requirement: BSI SYS 1.6 A19

is depended on by

SAT-42077 [RFE] Set volume mount permission explicitly by default

In Progress

Assignee:: Eric Helms

Reporter:: Eric Helms

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2026/02/13 9:08 PM

Updated:: 2026/02/15 1:27 PM

Details

Description

Acceptance Criteria

Implementation Notes

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates