Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-27103

Failed to create secret on HyperShift Hosted Cluster with short-lived token was enabled by CCO.

    XMLWordPrintable

Details

    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

    Description

      This is a clone of issue OCPBUGS-25897. The following is the description of the original issue:

      Description of problem:

      • Hosted cluster credentialsMode mode is not manual and cannot create secrets.
      • Now the Control Plan credentialsMode is the same as Management Cluster, but for this feature, it should be manual mode on Hosted Cluster no matter what the credentialsMode of Management Cluster is.

      Version-Release number of selected component (if applicable):

          4.16

      How reproducible:

          Always

      Steps to Reproduce:

         
 1.Creates CredentialsRequest including the spec.providerSpec.stsIAMRoleARN string. 
   
 2.Cloud Credential Operator could not populate Secret based on CredentialsRequest.   

$ oc get secret -A | grep test-mihuang
#Secret not found.  

$ oc get CredentialsRequest -n openshift-cloud-credential-operator
NAME                                                  AGE
...
test-mihuang                                               44s
    3.

      Actual results:

          Secret not create successfully.

      Expected results:

          Successfully created the secret on the hosted cluster.

      Additional info:

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-25897 Failed to create secret on HyperShift Hosted Cluster with short-lived token was enabled by CCO.

          • Critical - To be worked on immediately following BLOCKER issues.
          • Verified
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-25897 Failed to create secret on HyperShift Hosted Cluster with short-lived token was enabled by CCO.

          • Critical - To be worked on immediately following BLOCKER issues.
          • Verified
          is depended on by

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-110 Hypershift-enablement for short-lived token authentication flows with OLM-managed operators with CCO

          • Critical - To be worked on immediately following BLOCKER issues.
          • In Progress
          links to

          GitHub openshift/hypershift#3420: [release-4.15] OCPBUGS-27103: hcco: use manual mode for CCO

          Web Link RHSA-2023:7198 OpenShift Container Platform 4.15 security update

          Activity

            People

              skuznets@redhat.com Steve Kuznetsov
              openshift-crt-jira-prow OpenShift Prow Bot
              Mingxia Huang Mingxia Huang
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: