Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-31067

The CSRs are not auto-approved on 4.16.0-ec.4

XMLWordPrintable

    • Moderate
    • No
    • Approved
    • False
    • Hide

      None

      Show
      None
    • N/A - fixed in same version as introduced issue
    • Release Note Not Required
    • In Progress

      Description of problem:

      After build02 is upgraded to 4.16.0-ec.4 from 4.16.0-ec.3, the CSRs are not auto-approved. As a result, provisioned machines cannot become nodes of the cluster.

      Version-Release number of selected component (if applicable):

      oc --context build02 get clusterversion version
      NAME      VERSION       AVAILABLE   PROGRESSING   SINCE   STATUS
      version   4.16.0-ec.4   True        False         4h28m

      How reproducible:

          

      Steps to Reproduce:

          1.
          2.
          3.
          

      Actual results:

          

      Expected results:

          

      Additional info:

      mimccune@redhat.com feels the group "system:serviceaccounts" was missing in the CSR.
      https://redhat-internal.slack.com/archives/CBZHF4DHC/p1710875084740869?thread_ts=1710861842.471739&cid=CBZHF4DHC

      An inspection of the namespace openshift-cluster-machine-approver:
      https://redhat-internal.slack.com/archives/CBZHF4DHC/p1710863462860809?thread_ts=1710861842.471739&cid=CBZHF4DHC

       

      A workaround to approve the CSRs manually on b02:

      https://github.com/openshift/release/pull/50016

       

            jerzhang@redhat.com Yu Qi Zhang
            hongkliu Hongkai Liu
            Sergio Regidor de la Rosa Sergio Regidor de la Rosa
            Charles Doern
            Votes:
            0 Vote for this issue
            Watchers:
            14 Start watching this issue

              Created:
              Updated: