Skip to content

Add /pqc skill for multi-operator PQC compliance#13

Draft
mcgonago wants to merge 2 commits into
openstack-k8s-operators:mainfrom
mcgonago:add-horizon-pqc
Draft

Add /pqc skill for multi-operator PQC compliance#13
mcgonago wants to merge 2 commits into
openstack-k8s-operators:mainfrom
mcgonago:add-horizon-pqc

Conversation

@mcgonago
Copy link
Copy Markdown

@mcgonago mcgonago commented May 10, 2026
edited
Loading

Summary

  • Generalized PQC compliance skill replacing the horizon-only /horizon-pqc
  • Operator profiles for horizon, keystone, nova, and glance
  • Scan mode (--scan) for live compliance analysis of any operator
  • Cross-operator status dashboard (--status)
  • TLS 1.3 enforcement (Go MinVersion) and kRSA cipher blocking (Apache SSL)

Changes from v1 (original horizon-pqc)

  • Renamed from /horizon-pqc to /pqc
  • Added operator profiles architecture (4 operators)
  • Added --scan mode for dynamic compliance checking
  • Added --operator flag for explicit operator targeting
  • Broadened PQC domain knowledge to operator-agnostic patterns

Test plan

  • pre-commit run --all-files passes
  • make test passes
  • /pqc shows usage with 4 supported operators
  • /pqc --operator=horizon shows ticket table
  • /pqc --status shows cross-operator compliance table
  • /pqc OSPRH-28889 generates a valid plan
  • /pqc --operator=glance --scan produces compliance report

🤖 Generated with Claude Code

@mcgonago
Add horizon-pqc skill and agent for PQC compliance
29b9ad6 
Add a new skill and agent for Post-Quantum Cryptography compliance
in horizon-operator. Implements TLS 1.3 enforcement and kRSA cipher
blocking workflows, with ticket routing for the OSPRH-27427 epic.

Signed-off-by: Owen McGonagle <omcgonag@redhat.com>
@mcgonago mcgonago marked this pull request as draft May 10, 2026 03:29
@mcgonago
Generalize /horizon-pqc to multi-operator /pqc skill
dc17e94 
Replace the horizon-specific PQC skill with a generalized version
supporting multiple operators (horizon, keystone, nova, glance).

- Add operator profiles with per-operator PQC pattern mappings
- Add --scan mode for live compliance checking
- Add --status mode for cross-operator compliance table
- Support --operator=<name> targeting and ticket-based routing
- Preserve all horizon-operator ticket routing (OSPRH-27427 epic)

Relates: OSPRH-27427
Signed-off-by: Owen McGonagle <omcgonag@redhat.com>
@mcgonago mcgonago changed the title Add horizon-pqc skill and agent Add /pqc skill for multi-operator PQC compliance May 10, 2026
@mcgonago mcgonago self-assigned this May 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mcgonago mcgonago

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mcgonago