Details
-
Bug
-
Resolution: Done-Errata
-
Critical
-
4.14
-
None
-
No
-
Auth - Sprint 235, Auth - Sprint 236, Auth - Sprint 237, Auth - Sprint 238
-
4
-
Proposed
-
False
-
Description
Description of problem:
Most recent nightly https://amd64.ocp.releases.ci.openshift.org/releasestream/4.14.0-0.nightly/release/4.14.0-0.nightly-2023-04-18-152947 has a lot of OAuth test failures
Example runs:
https://prow.ci.openshift.org/view/gs/origin-ci-test/logs/periodic-ci-openshift-release-master-ci-4.14-e2e-aws-ovn/1648348911074545664
https://prow.ci.openshift.org/view/gs/origin-ci-test/logs/periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-sdn-bm/1648348885556400128
Error looks like:
fail [github.com/openshift/origin/test/extended/oauth/expiration.go:105]: Unexpected error:
<*tls.CertificateVerificationError | 0xc0023b6330>: {
UnverifiedCertificates: [
{...
Looking at changes in the last day or so, nothing sticks out to me.
Although I believed ART bumped everything to be built with go1.20 and this error is new to go1.20:
"For a handshake failure due to a certificate verification failure, the TLS client and server now return an error of the new type CertificateVerificationError, which includes the presented certificates." - https://go.dev/doc/go1.20
Version-Release number of selected component (if applicable):
4.14.0-0.nightly-2023-04-18-152947
How reproducible:
Looks repeatable
Steps to Reproduce:
1. Build oauth, origin, and related containers with go1.20 (not clear which is causing the test failure) 2. 3.
Actual results:
Tests fail
Expected results:
Additional info:
Attachments
Issue Links
- links to
-
RHSA-2023:5006
OpenShift Container Platform 4.14.z security update