cicd

Technical resources

Introducing a new, enhanced certification tooling for container images

March 15, 2022
3 minute read

 

Red Hat is introducing new tooling for container image certification to replace the existing certification pipeline, and it's ready for beta testing today. Read on for the details and how to get in on the early testing.

What are we announcing?

A new, enhanced certification tooling for container images is planned for release in April. Based on partner feedback, and to complement the recently launched Operator metadata bundle certification pipeline (see this article), this new container certification tooling will allow you to test your containers in your own environment. This tooling will replace the existing scanning mechanism which will simultaneously be removed. This will help give you increased control and visibility into the certification pipeline and the various tests being run, as well as the corresponding PASS/FAIL results. 

This certification tooling,  called “preflight”, is now available for beta testing. Architecture-specific binaries are provided that partners can run locally against containers. We invite you to begin testing our new certification workflow with the preflight tool, and we welcome your feedback.

The container certification beta instructions can be found in the Red Hat OpenShift ecosystem GitHub repository. The feedback form for the tool can be found here as well as at the bottom of the beta instructions page.

*Please note:This tooling is fully functional, but you will not be able to publish your certification during the beta phase. You will be given access to a staged  certified technology portal to test the workflow, but the test results cannot yet be submitted into the production Partner Connect environment.

What’s new?

Image
tooling

Our new certification tooling allows you to run the certification tests on your own computer through the downloadable preflight tool. All you need is a Red Hat Enterprise Linux (RHEL) operating system and access to the image you want to certify. The new tooling gives you control over most of the resources required to conduct container tests prior to submitting the image to Red Hat for the final certification scan. We will check your image for known security vulnerabilities before the certification is completed.

One of the primary benefits of controlling the container test on your own devices is that you can see your results in real time. This facilitates fixing or changing images before officially submitting your results to Red Hat. This saves time, energy, and resources and gives you ownership over your certification testing process.

In addition, we will remove the manual and auto-build services for container images when the new certification process launches in April. A follow-up article with guidance around setting up your own auto-build mechanism is planned to be published in the near future. 

Why these changes?

We are motivated by the feedback from our valued partners. We needed to improve the certification experience by providing a way to speed up the feedback process, and to allow our partners visibility into the certification tooling itself with the ability to contribute changes and participate through our open source community. 

Our certification programs are collaborative efforts, and are now more able to be incorporated into your own CI/CD development workflows. 

What stays the same?

The experience in the certified technology porta (i.e. account setup, project creation, product listings, etc.) is planned to remain largely unchanged. You will still create your certification projects and product listings in the same manner as before, and you will still need to complete the project checklist and fill out the details for your image. 

The overall workflow will feel largely the same, yet will be improved greatly by the new tooling. You will get enhanced visibility into the results of your certification tests and a much faster feedback loop to get certified more easily and more quickly.

Next steps

The partner beta testing period is officially open. We encourage partners to begin testing. The preflight tool is open source and we welcome contributions and feedback. 

Navigate to the instructions here, and start testing your containers!

Look for an official announcement of the GA launch in April when partners can begin using the tool in production. If you have any comments or questions, please contact our Technical Partner Success Desk and let us know how we can assist.

ts
Taylor Smith
Engineering Partner Manager
Taylor works closely with our technology partners along their partner journey to certify, integrate and align with Red Hat platforms.