Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-24700

Certificate Authorities Support For Custom release-signature stores

XMLWordPrintable

    • Moderate
    • No
    • 3
    • OTA 246, OTA 247, OTA 248, OTA 249, OTA 250, OTA 251, OTA 252, OTA 253, OTA 254
    • 9
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      The new-in-4.15 ClusterVersion spec.signatureStores should implement the ca property.

      Version-Release number of selected component (if applicable):

      4.15 and 4.15.

      How reproducible:

      Every time, for TechPreviewNoUpgrade clusters where signatureStores exists.

      Steps to Reproduce:

      1. Install a TechPreviewNoUpgrade cluster.
      2. Set up a signature store in the cluster behind the self-signed ingress/router CA:

      FIXME
      

      3. Patch ClusterVersion to ask the CVO to use that store.

      FIXME
      

      4. Ask the cluster to update to a release whose signature is in the custom store:

      FIXME
      

      Actual results:

      FIXME

      Expected results:

      The update is accepted and begins rolling out, as shown by oc adm upgrade. Whether the update successfully completes or not is not relevant.

            lmohanty@redhat.com Lalatendu Mohanty
            trking W. Trevor King
            Jia Liu Jia Liu
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: