Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-1725

argocd-tls-certs-cm is overwritten on any change as of v1.4.0

    XMLWordPrintable

Details

    • 5
    • GITOPS Sprint 215, GITOPS Sprint 214
    • Hide
      Note: we already documented this in v1.4.3 release notes.
      Before this update, the TLS certificate in the argocd-tls-certs-cm configuration map was deleted by the Red Hat OpenShift GitOps unless the certificate was configured in the ArgoCD CR specification tls.initialCerts field. This update fixes this issue.
      Show
      Note: we already documented this in v1.4.3 release notes. Before this update, the TLS certificate in the argocd-tls-certs-cm configuration map was deleted by the Red Hat OpenShift GitOps unless the certificate was configured in the ArgoCD CR specification tls.initialCerts field. This update fixes this issue.
    • False

    Description

      Prior to v1.4.0 of OpenShift GitOps, certificates for TLS validation could be managed via the ArgoCD GUI or by controlling the argocd-tls-certs-cm ConfigMap directly. The value of argocd-tls-certs-cm was set initially when ArgoCD was deployed but not altered thereafter.

      After upgrading to v1.4.0, this ConfigMap is reset to the value of tls.intitialCerts in the ArgoCD CR after any change. This renders the certificate management via the GUI or previous direct ConfigMap control useless and deletes any certificates that were added to the ConfigMap prior to the upgrade.

      Workaround:  Add the needed cert to ArgoCD CR spec  tls.initialCerts.  See https://argocd-operator.readthedocs.io/en/latest/reference/argocd/#tls-options.

      Workaround example: https://github.com/iam-veeramalla/openshift-gitops-examples/blob/master/argocd/GITOPS-1725/argocd-initialTLScerts.yaml

       

      Attachments

        Activity

          People

            aveerama@redhat.com Abhishek Veeramalla
            aaustin@redhat.com Andrew Austin Byrum
            Votes:
            1 Vote for this issue
            Watchers:
            13 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: