-
Epic
-
Resolution: Done-Errata
-
Critical
-
None
-
None
-
None
Epic Goal
Implement support and testing for running the Compliance Operator on ARM clusters.
Why is this important?
Several OpenShift users are using ARM, and it provides cost savings, which we could leverage in CI.
Scenarios
- As a user, I want to be able to install the Compliance Operator on an ARM OpenShift cluster and leverage it to scan the environment, so that I can use the findings in audit reports
- As an OpenShift engineer, I want my patches to be tested on ARM clusters so that we prevent regressions on ARM architecture when releasing the Compliance Operator.
Acceptance Criteria
- Must have periodic weekly CI that runs some subset of profiles on ARM architecture
- Must have gating CI jobs in the ComplianceAsCode/compliance-operator repository that tests each PR on an ARM cluster
- Must set the appropriate ARM architecture annotations in bundle metadata.
Dependencies (internal and external)
- ...
Previous Work (Optional):
- …
Open questions::
- …
Done Checklist
- CI - CI is running, tests are automated and merged.
- Release Enablement <link to Feature Enablement Presentation>
- DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
- DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
- DEV - Downstream build attached to advisory: <link to errata>
- QE - Test plans in Polarion: <link or reference to Polarion>
- QE - Automated tests merged: <link or reference to automated tests>
- DOC - Downstream documentation merged: <link to meaningful PR>
- account is impacted by
-
OCPBUGS-54358 Rule audit_rules_unsuccessful_file_modification_open fails on ARM64 clusters
-
- New
-
-
OCPBUGS-54359 Rule audit_rules_unsuccessful_file_modification_open_o_creat fail on ARM
-
- New
-
-
OCPBUGS-54360 Rule audit-rules-unsuccessful-file-modification-open-o-trunc-write fail on arm
-
- New
-
-
OCPBUGS-54361 Rule audit-rules-unsuccessful-file-modification-open-rule-order fail on arm
-
- New
-
-
OCPBUGS-54363 Rule audit-rules-unsuccessful-file-modification-rename fail on arm
-
- New
-
-
OCPBUGS-54364 Rule audit-rules-unsuccessful-file-modification-unlink fail on arm
-
- New
-
- is blocked by
-
OCPBUGS-52887 Rule audit-log-forwarding-uses-tls fails on ARM64
-
- New
-
-
OCPBUGS-52891 Rule container-security-operator-exists fails on ARM64
-
- New
-
-
OCPBUGS-52892 Rule security-profiles-operator-exists fails on ARM64
-
- New
-
-
OCPBUGS-52893 Rule audit-rules-dac-modification-chmod fails on ARM64
-
- New
-
-
OCPBUGS-52894 Rule audit-rules-dac-modification-chown fails on ARM64
-
- New
-
-
OCPBUGS-52895 Rule audit-rules-time-stime fails on ARM64
-
- New
-
-
OCPBUGS-52897 Rule audit-rules-dac-modification-lchown fails on ARM64
-
- New
-
-
OCPBUGS-52898 Rule audit-rules-etc-group-open fails on ARM64
-
- New
-
-
OCPBUGS-52900 Rule audit-rules-etc-gshadow-open fails on ARM64
-
- New
-
-
OCPBUGS-52901 Rule audit-rules-etc-passwd-open fails on ARM64
-
- New
-
-
OCPBUGS-52902 Rule audit-rules-etc-shadow-open fails on ARM64
-
- New
-
-
OCPBUGS-52903 Rule audit-rules-file-deletion-events-rename fails on ARM64
-
- New
-
-
OCPBUGS-52904 Rule audit-rules-file-deletion-events-rmdir fails on ARM64
-
- New
-
-
OCPBUGS-52905 Rule audit-rules-file-deletion-events-unlink fails on ARM64
-
- New
-
-
OCPBUGS-52907 Rule audit-rules-unsuccessful-file-modification-chmod fails on ARM64
-
- New
-
-
OCPBUGS-52908 Rule audit-rules-unsuccessful-file-modification-chown fails on ARM64
-
- New
-
-
OCPBUGS-52909 Rule audit-rules-unsuccessful-file-modification-creat fails on ARM64
-
- New
-
-
OCPBUGS-52910 Rule audit-rules-unsuccessful-file-modification-lchown fails on ARM64
-
- New
-
-
OCPBUGS-52911 Rule audit-rules-unsuccessful-file-modification-open fails on ARM64
-
- New
-
-
OCPBUGS-52912 Rule audit-rules-unsuccessful-file-modification-open-o-creat fails on ARM64
-
- New
-
-
OCPBUGS-52913 Rule audit-rules-unsuccessful-file-modification-open-o-trunc-write fails on ARM64
-
- New
-
-
OCPBUGS-52914 Rule audit-rules-unsuccessful-file-modification-open-rule-order fails on ARM64
-
- New
-
-
OCPBUGS-52915 Rule audit-rules-unsuccessful-file-modification-rename fails on ARM64
-
- New
-
-
OCPBUGS-52916 Rule audit-rules-unsuccessful-file-modification-unlink fails on ARM64
-
- New
-
-
OCPBUGS-52917 Rule audit-rules-dac-modification-umount fails on ARM64
-
- New
-
-
OCPBUGS-52918 Rule bios-enable-execution-restrictions fails on ARM64
-
- New
-
-
OCPBUGS-52884 Rule file-integrity-exists fails on ARM64 clusters
-
- Closed
-
-
OCPBUGS-52885 Rule file-integrity-notification-enabled fails on ARM64 clusters
-
- Closed
-
- relates to
-
CMP-3115 Implement periodic profile CI that runs on ARM architecture
-
- In Progress
-
- links to
-
RHBA-2025:3728 OpenShift Compliance Operator 1.7.0
1.
|
E2E Automation |
|
Closed | |
Xiaojie Yuan |
2.
|
CI Integration |
|
Closed | |
Bhargavi Gudi |