Project

General

Profile

Actions

action #158455

closed

coordination #105624: [saga][epic] Reconsider how openQA handles secrets

coordination #157537: [epic] Secure setup of openQA test machines with secure network+secure authentication

[spike][timeboxed:10h] openQA worker native on s390x

Added by okurz 6 months ago. Updated 6 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Feature requests
Target version:
Start date:
2024-03-28
Due date:
% Done:

0%

Estimated time:

Description

Motivation

In https://sd.suse.com/servicedesk/customer/portal/1/SD-150437 we are asked to handle "compromised root passwords in QA segments" including s390kvm080…099 . We might have an easier time to prevent ssh access to s390x kvm instances if we run the openQA worker instances directly on s390zl12+13. For this we should try to build native openQA-worker packages and see how far we can reach.

G1

  • G1: Feasibility of openQA-worker packages native on s390x has been evaluated
  • G2: Follow-up tasks have been identified

Suggestions

  • Branch build.opensuse.org/package/show/devel:openQA/openQA and enable s390x based on Leap 15.5 or Leap 15.6 and try to build as much as possible, most and foremost os-autoinst+openQA-worker
  • Identify follow-up tasks

Related issues 2 (0 open2 closed)

Copied from openQA Infrastructure - action #158242: Prevent ssh access to test VMs on svirt hypervisor hosts with firewall size:MRejecteddheidler2024-03-28

Actions
Copied to openQA Project - action #158985: openQA worker native on s390xResolvedokurz

Actions
Actions

Also available in: Atom PDF