-
Bug
-
Resolution: Done-Errata
-
Critical
-
None
-
4.15.0
-
None
-
Critical
-
No
-
HAC Infra OCP - Sprint 251
-
1
-
Approved
-
False
-
-
-
Bug Fix
-
Done
-
Description of problem:
When a cluster is configured for direct OIDC configuration (authentication.config/cluster .spec.type=OIDC), console pods will be in crashloop until an OIDC client is configured for the console.
Version-Release number of selected component (if applicable):
4.15.0
How reproducible:
100% in Hypershift; 100% in TechPreviewNoUpgrade featureset on standalone OpenShift
Steps to Reproduce:
1. Update authentication.config/cluster so that Type=OIDC
Actual results:
The console operator tries to create a new console rollout, but the pods crashloop. This is because the operator sets the console pods to "disabled". This would normally actually mean a privilege escalation, fortunately the configuration prevents a successful deploy.
Expected results:
Console pods are healthy, they show a page which says that no authentication is currently configured.
Additional info:
- blocks
-
OCPBUGS-34002 console pods are crashlooping in OIDC authentication configuration
- Closed
- is cloned by
-
OCPBUGS-34002 console pods are crashlooping in OIDC authentication configuration
- Closed
- links to
-
RHEA-2024:3718 OpenShift Container Platform 4.17.z bug fix update
(1 links to)