-
Bug
-
Resolution: Done
-
Major
-
None
-
4.12
-
None
-
Moderate
-
None
-
Rejected
-
False
-
-
If Release Note Needed, Set a Value
-
Set a Value
Description of problem:
This issue exists to drive the backport process of https://github.com/openshift/api/pull/1313
According to the Kubernetes documentation, starting from Kubernetes 1.22, the service-account-issuer flag can be specified multiple times. The first value is then used to generate new tokens and other values are accepted. Using this field can prevent cluster disruptions and allows for smoother reconfiguration of this field.
The status field will allow us to keep track of "used" service account issuers and also expire/prune them.
this is a replacement for: #1309
xref: https://issues.redhat.com/browse/AUTH-309
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1. 2. 3.
Actual results:
Expected results:
Additional info:
- is cloned by
-
OCPBUGS-2160 Track changes of serviceAccountIssuer in operator status
- Closed
- is depended on by
-
OCPBUGS-2160 Track changes of serviceAccountIssuer in operator status
- Closed