Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add encryption support the k8s OpenStack cinder-csi-plugin #519

Open
5 of 12 tasks
NotTheEvilOne opened this issue Jan 17, 2024 · 3 comments
Open
5 of 12 tasks

Add encryption support the k8s OpenStack cinder-csi-plugin #519

NotTheEvilOne opened this issue Jan 17, 2024 · 3 comments
Assignees
@NotTheEvilOne
Labels
Container Issues or pull requests relevant for Team 2: Container Infra and Tooling IaaS Issues or pull requests relevant for Team1: IaaS SCS-VP03 Related to tender lot SCS-VP03

Comments

@NotTheEvilOne
Copy link

NotTheEvilOne commented Jan 17, 2024
edited

As a SCS Operator, I want to use OpenStack the cinder-csi-plugin with encrypted volumes so that I can use encryption at rest for sensitive data. Enhancements documented at #514 are required to add this support.

Definition of Ready:

  • User Story is clear and understood by the whole team
  • Acceptance criteria are defined
  • Acceptance criteria are clear and understood by the whole team

Acceptance criteria:

  • Changes are implemented in a branch
  • PR for basic encryption is created and linked
  • PR for basic encryption is accepted
  • PR for encryption based on customer keys is created and linked
  • PR for encryption based on customer keys is accepted

Definition of Done:

  • All acceptance criteria are met
  • Changes have been reviewed
  • Documentation has been updated
  • Release Notes have been updated
@NotTheEvilOne NotTheEvilOne added IaaS Issues or pull requests relevant for Team1: IaaS Container Issues or pull requests relevant for Team 2: Container Infra and Tooling SCS-VP03 Related to tender lot SCS-VP03 labels Jan 17, 2024
@NotTheEvilOne NotTheEvilOne self-assigned this Jan 17, 2024
@NotTheEvilOne NotTheEvilOne mentioned this issue Jan 17, 2024
Open
2 tasks
@NotTheEvilOne
Copy link
Author

NotTheEvilOne commented Jan 24, 2024
edited

Working with the actual code revealed missing support to predefine a user selected key for encryption. First basic implementation will focus on a encrypted parameter basically implementing validation and cleanup for the expected volume encryption therefore.

@NotTheEvilOne
Copy link
Author

PR for the basic implementation is created kubernetes/cloud-provider-openstack#2525

@NotTheEvilOne
Copy link
Author

Blueprint and Spec for the "bring your own keys".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NotTheEvilOne NotTheEvilOne

Labels
Container Issues or pull requests relevant for Team 2: Container Infra and Tooling IaaS Issues or pull requests relevant for Team1: IaaS SCS-VP03 Related to tender lot SCS-VP03
Projects
Sovereign Cloud Stack
Status: Doing
VP03
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@NotTheEvilOne