Details
-
Bug
-
Resolution: Done
-
Major
-
1.5.1, 1.6.2
-
False
-
None
-
False
-
Description
Description of problem:
Openshift Gitops cant sync to signed GPG tags. This issue was previously faced by the client in OpenShift Gitops 1.5 version.
But now as they have upgraded the Openshift Gitops operator version to 1.6 the issue still exists.
Prerequisites (if any, like setup, operators/versions):
OCP: 4.10.26
openshift-gitops-operator.v1.6.2
Steps to Reproduce:
1. Generate a GPG key and verify with GitHub.
2. Add the GPG key to ArgoCD and your project in ArgoCD.
3. Create a repo and sign the commit. Deploy and you'll see the deployment is fine.
4. Now create a tag (signed or unsigned) and change targetRevision to the tag. The deployment fails.
Ongoing Upstream Bug: https://github.com/argoproj/argo-cd/issues/7377
Expected results:
It is expected ArgoCD to be satisfied with the signed tag.
Additional info:
slack thread: https://coreos.slack.com/archives/CMP95ST2N/p1668421656426119
https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-new-gpg-key-to-your-github-account
https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
