Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-17106

kubeadmin-password mirror secret still exists when the original one deleted

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • MCE 2.8.0
    • None
    • HyperShift
    • 2
    • False
    • None
    • False
    • 2
    • Workload Mgmt Train 24 - 1
    • Important
    • None

      Description of problem:

          After creating a ROSA hcp cluster, HyperShift operator will create a secret named ***-kubeadmin-password to store the password for kubeadmin in the management cluster, also acm's hypershift-addon-operator will create a mirror secret in the service cluster so that OCM can read it. 
    But if oauth is configured(in the HostedCluster, .Spec.Configuration.OAuth is set), the password is invalid, the original secret in management cluster will be removed by hypershift operator, but the mirror secret still there.

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

          1.Create a ROSA HCP cluster, during creation, select to add an admin user.
    2.After the cluster is ready, access the /credentials endpoint using the command 'ocm get /api/clusters_mgmt/v1/clusters/{cluster_id}/credentials' to get the kubeadmin config and password
    3.Try to use the password to login, will get 401 response

      Actual results:

      Expected results:

      Additional info:

              rokejungrh Roke Jung
              llan@redhat.com Ling Lan
              David Huynh David Huynh
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: