Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-24700

Certificate Authorities Support For Custom release-signature stores

XMLWordPrintable

    • Moderate
    • No
    • 3
    • OTA 246, OTA 247, OTA 248, OTA 249, OTA 250, OTA 251, OTA 252, OTA 253, OTA 254, OTA 256
    • 10
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      The new-in-4.15 ClusterVersion spec.signatureStores should implement the ca property.

      Version-Release number of selected component (if applicable):

      4.15 and 4.15.

      How reproducible:

      Every time, for TechPreviewNoUpgrade clusters where signatureStores exists.

      Steps to Reproduce:

      1. Install a TechPreviewNoUpgrade cluster.
      2. Set up a signature store in the cluster behind the self-signed ingress/router CA:

      FIXME

      3. Patch ClusterVersion to ask the CVO to use that store.

      FIXME

      4. Ask the cluster to update to a release whose signature is in the custom store:

      FIXME

      Actual results:

      FIXME

      Expected results:

      The update is accepted and begins rolling out, as shown by oc adm upgrade. Whether the update successfully completes or not is not relevant.

              lmohanty@redhat.com Lalatendu Mohanty
              trking W. Trevor King
              Jia Liu Jia Liu
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: