Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SYS.1.6.A4 #4

Closed
sluetze opened this issue Nov 7, 2023 · 2 comments
Closed

SYS.1.6.A4 #4

sluetze opened this issue Nov 7, 2023 · 2 comments
Assignees
@sluetze
Labels
not-checkable Requirement can not be checked with Compliance Operator org-only This Requirement of BSI is ONLY an organizational Requirement

Comments

@sluetze
Copy link

sluetze commented Nov 7, 2023

No description provided.

@sluetze sluetze self-assigned this Jul 16, 2024
@sluetze sluetze added org-only This Requirement of BSI is ONLY an organizational Requirement not-checkable Requirement can not be checked with Compliance Operator labels Jul 16, 2024
@sluetze
Copy link
Author

sluetze commented Jul 16, 2024

The process for deploying and distributing images MUST be planned and appropriately documented.

This requirement must be implemented organizationally.

Note: OpenShift supports the requirement through the built-in functionalities and enables the highest possible level of automation. On the one hand, CI/CD tools are delivered with OpenShift pipelines and integrated into the platform. On the other hand, pre-configured build processes based on Red Hat experience are available that are based on Source2Image and thus support planning.

The built-in registry allows you to store images and other associated information, such as Helm charts or SBOMs.

The abstractions available in Openshift allow the entire image distribution process to be documented and controlled as code. This further allows the image distribution process to be managed via OpenShift GitOps.

@sluetze
Copy link
Author

sluetze commented Oct 1, 2024

ComplianceAsCode#12161 was merged, closing

@sluetze sluetze closed this as completed Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sluetze sluetze

Labels
not-checkable Requirement can not be checked with Compliance Operator org-only This Requirement of BSI is ONLY an organizational Requirement
Projects
sig-bsi-grundschutz tracking
Status: Done
Milestone
No milestone
Development

When branches are created from issues, their pull requests are automatically linked.

sys-1-6-A1-A4 sig-bsi-grundschutz/content
1 participant
@sluetze