Uploaded image for project: 'OpenShift Windows Containers'
  1. OpenShift Windows Containers
  2. WINC-1349

Create a CI job to test WMCO with FIPS enabled

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • None
    • 3
    • False
    • None
    • False

      Description

      This story covers creating job (or modifying an existing job) that
      1. run the check-payload scanning script provided by prod sec as a test step
      2. test WMCO in a FIPS environment and

      • FIPS_ENABLED=true for environment for steps that bring up a cluster in the e2e on our OpenShift CI config (eg. env stanza)
      • Add step ref: fips-check-fips-or-die to ensure your test will exit as soon non-FIPS is detected, FYI this doesn't test the image but only the cluster nodes / OpenShift for compliance (eg. ref step)
      • check-payload operator scan will not work in CI directly, instead use the ref: fips-check-image-scan that internally uses check-payload scan local (eg. test step)

      Acceptance Criteria

      Test runs the check-payload scan

      Test brings up WMCO in FIPS enabled env

              Unassigned Unassigned
              mohashai Mohammad Shaikh (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: