Open berendt opened 2 years ago
Moved to Blocked. The preparation for the airgap is still needed for the list of the individual packages.
Cryptographic checksums are there and sufficient (sha256 for each container/artifact). Should be mentioned in release notes.
Prepare SPDX files for several container images (ceph-ansible, kolla-ansible, osism-ansible, python-osism, inventory-reconciler). Added them to the SBOM repository.
SPDX files for kolla-images prepared, not yet pushed anywhere (because of the huge file size)
What still needs to be clarified here? The daily deployments will be changed this week. The rest is done.
As an SCS operator, I want to have a complete list of software (SBOM) (along with sources and versions) that gets pulled into my SCS deployment.
TODO:
NOT YET TODO:
Definition of Ready:
Definition of Done: