Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: 4.13.z
Component/s: Installer / openshift-installer
Labels:
- ServiceDeliveryImpact
- pre-merge

Regression:
No
Release Blocker:
Proposed
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.13.z

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

Customers need the bootstrap node to use secureboot so they can use the policy

"constraints/compute.requireShieldedVm”

Backporting https://github.com/openshift/installer/pull/7002 should solve the problem.

How reproducible:Always

Steps to Reproduce:
Install a GCP cluster with the setting

platform:
    gcp:
        defaultMachinePlatform:
            secureBoot: Enabled

in the installconfig

Actual results:
Bootstrap VM doesn't use secureboot, controlplane nodes do

Expected results: Bootstrap VM uses secureboot as well

Additional info:
See also SDE-3207

is blocked by

OCPBUGS-15855 GCP bootstrap VM should allow SecureBoot setting on 4.14 clusters

Closed

is cloned by

OCPBUGS-15855 GCP bootstrap VM should allow SecureBoot setting on 4.14 clusters

Closed

links to

openshift/installer#7298: OCPBUGS-15591: [release-4.13] gcp: add confidential compute support for boostrap TF

Assignee:: Rafael Fonseca dos Santos

Reporter:: Manuel Dewald

QA Contact:: Jianli Wei

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2023/06/30 12:02 PM

Updated:: 2023/09/14 9:46 AM

Resolved:: 2023/07/20 5:12 PM