Red Hat Bugzilla – Bug 1290118
[RFE] There should be a setting to limit the "repositories" that build can occur with
Last modified: 2018-01-09 05:50:05 EST
Description of problem:
As a System Administrator/OpenShift Administrator I would like to be able to be able to limit the "software that can be installed into my docker images".
1: Yum Repositories (Subscriptions)
- Host Subscriptons allow any repo provided by an entitlement to be used in the container.
More information on work arounds in https://access.redhat.com/solutions/1443553
2: Third Party Repositories (maven, python mirrors, ruby gem mirrors)
- Need a way to limit or set a proxy for all repositores at a global level.
https://bugzilla.redhat.com/show_bug.cgi?id=1124928 (might be a solution)
3: What is the nature and description of the request?
Administrators should have the ability to limit the software installed / allowed into the "datacenter".
5. How would the customer like to achieve this? (List the functional requirements here)
See Ideas/Suggestions above
6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
Testing should be done by trying to access items outside of the specified repositories.
7. Is there already an existing RFE upstream or in Red Hat Bugzilla?
Not that I am aware of.
8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?
This should be done as an OpenShift or (Docker) setting (RHEL7)
10. List any affected packages or components.
Docker / OpenShift
This work may be tracked using https://trello.com/c/jhFrXtnb
See --block-registry command line option