Actions
action #176670
openAllow-list for OSD asset download
Start date:
2025-02-06
Due date:
% Done:
0%
Estimated time:
Description
#174154 implemented access control for OSD assets. This ticket suggests to add an IP-based allow list for certain hosts (e.g. openQA developer instances) for being able to access those assets without authentication.
The main idea is to allow users to request being added to such a whitelist via merge requests, e.g. via https://gitlab.suse.de/openqa/salt-states-openqa/. Requirement for being added is that the host in question is part of the allowed CC-zone. Note that this is a requirement for being able to apply to be listed. This explicitly does not mean, that the whole CC-zone is being whitelisted by default.
Acceptance criteria¶
- AC1: Establish a way where users can apply for IP-address based whitelisting for accessing OSD-assets without credentials
Updated by ph03nix 3 months ago
- Related to action #174154: Prevent unauthorized openQA asset download added
Updated by okurz 3 months ago
- Related to action #176241: [spike][timeboxed:10h] Only allow unauthorized asset access on OSD based on network interface size:S added
Updated by okurz about 2 months ago
- Target version changed from future to Tools - Next
Actions